Differentiating Cyber Risk of Insurance Customers: The Insurance Company Perspective

Abstract : As a basis for offering policy and setting tariffs, cyber-insurance carriers need to assess the cyber risk of companies. This paper explores the challenges insurance companies face in assessing cyber risk, based on literature and interviews with representatives from insurers. The interview subjects represent insurance companies offering cyber-insurance in a market where this is a new and unknown product. They have limited historical data, with few examples of incidents leading to payout. This lack of experience and data, together with the need for an efficient sales process, highly impacts their approach to risk assessment. Two options for improving the ability to perform thorough yet efficient assessments of cyber risk are explored in this paper: basing analysis on reusable sector-specific risk models, and including managed security service providers (MSSPs) in the value chain.
Complete list of metadatas

Cited literature [29 references]  Display  Hide  Download

https://hal.inria.fr/hal-01635023
Contributor : Hal Ifip <>
Submitted on : Tuesday, November 14, 2017 - 4:07:15 PM
Last modification on : Wednesday, November 15, 2017 - 1:15:13 AM
Long-term archiving on : Thursday, February 15, 2018 - 1:43:21 PM

File

430962_1_En_12_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Inger Tøndel, Fredrik Seehusen, Erlend Gjære, Marie Moe. Differentiating Cyber Risk of Insurance Customers: The Insurance Company Perspective. International Conference on Availability, Reliability, and Security (CD-ARES), Aug 2016, Salzburg, Austria. pp.175-190, ⟨10.1007/978-3-319-45507-5_12⟩. ⟨hal-01635023⟩

Share

Metrics

Record views

90

Files downloads

93