, Thematic networks: an analytic tool for qualitative research, Qualitative Research, vol.2, issue.4, pp.385-405, 2001.
DOI : 10.4324/9780203413081_chapter_9
, Cyberinsurance in IT Security Management, IEEE Security & Privacy Magazine, vol.5, issue.3, pp.50-56, 2007.
DOI : 10.1109/MSP.2007.57
, Towards a managerial decision framework for utilization of cyber insurance instruments in IT security, AMCIS 2011 Proceedings -All Submissions, 2011.
, Why IT managers don't go for cyber-insurance products, Communications of the ACM, vol.52, issue.11, pp.68-73, 2009.
DOI : 10.1145/1592761.1592780
, Bayesian networks. Encyclopedia of statistics in quality and reliability, 2007.
, Forewarned is Forearmed: Indicators for Evaluating Information Security Incident Management, 2013 Seventh International Conference on IT Security Incident Management and IT Forensics, pp.3-14, 2013.
DOI : 10.1109/IMF.2013.14
, Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice, pp.131-158, 2015.
DOI : 10.1057/gpp.2014.19
, Modeling cyber-insurance: Towards a unifying framework, Workshop on the Economics in Information Security (WEIS), 2012.
, The economic impact of cyberattacks, Tech. rep., CRS Report for Congress, 2004.
, 10 things IT probably doesn't know about cyber insurance, 2014.
, Verification, Validation, and Evaluation in Information Security Risk Management, IEEE Security & Privacy Magazine, vol.9, issue.2, pp.58-65, 2010.
DOI : 10.1109/MSP.2010.117
, A framework for using insurance for cyber-risk management, Communications of the ACM, vol.46, issue.3, pp.81-85, 2003.
DOI : 10.1145/636772.636774
, Complete Guide to Security and Privacy Metrics, 2007.
DOI : 10.1201/9781420013283
, UK cyber security: The role of insurance in managing and mitigating the risk), https://www.gov.uk/ government/publications/uk-cyber-security-the-role-of-insurance 19, 1990.
, Cambridge Centre for Risk Studies: Business blackout -the insurance implications of a cyber attack on the us power grid, 2015.
, Model-driven risk analysis: the CORAS approach, 2010.
DOI : 10.1007/978-3-642-12323-8
, A survey on cyberinsurance, 2015.
, Mitigating Risk with Cyberinsurance, IEEE Security & Privacy, vol.13, issue.6, pp.38-43, 2015.
DOI : 10.1109/MSP.2015.137
, Netdiligence cyber claims study 2014, Tech. rep. NetDilligence, 2014.
, The cause/consequence diagram method as a basis for quantitative accident analysis, Tech. rep., Danish Atomic Energy Commission, Risoe. Research Establishment, 1971.
, Development of early warning indicators based on resilience engineering, PSAM10, International Probabilistic Safety Assessment and Management Conference, pp.7-11
, Quantitative Risk Analysis in Information Security Management: A Modern Fairy Tale, IEEE Security & Privacy, vol.13, issue.6, pp.18-21, 2015.
DOI : 10.1109/MSP.2015.118
, On differentiating cyber-insurance contracts a topological perspective, 2013 IFIP/IEEE International Symposium on, pp.836-839, 2013.
, Cyberattack insurance a challenge for business, 2014.
, Attack Trees, Dr. Dobbs journal, vol.24, issue.12, pp.21-29, 1999.
DOI : 10.1002/9781119183631.ch21
, A review of research on risk analysis methods for IT systems, Proceedings of the 17th International Conference on Evaluation and Assessment in Software Engineering, EASE '13, pp.86-96, 2013.
DOI : 10.1145/2460999.2461013
, Using cyberinsurance as a risk management strategy: Knowledge gaps and recommendations for further research, 2015.
, Insurance for cyber attacks: The issue of setting premiums in context, 2014.
, Essential characteristics of resilience. Resilience engineering: concepts and precepts, pp.21-34, 2006.