Analysis of the impact of cyber events for cyber insurance

Autor:	Sachin Shetty, Kjartan Palsson, Steinn Gudmundsson
Rok vydání:	2020
Předmět:	Economics and Econometrics business.industry Data feed General Business Management and Accounting Information asymmetry Incentive Risk analysis (engineering) Risk indicators Accounting Cyber-Insurance business Risk assessment Finance Risk management Interdependent security
Zdroj:	The Geneva Papers on Risk and Insurance - Issues and Practice. 45:564-579
ISSN:	1468-0440 1018-5895
DOI:	10.1057/s41288-020-00171-w
Popis:	The mass adoption of cyber insurance will be predicated on the ability to conduct quantitative cyber risk assessment. This capability is crucial for not only providing insight into the cost of targeted threats but also providing incentives for insured enterprises to invest in protection aimed at preventing exploitation of targeted threats. Research indicates that asymmetric information, correlated loss and interdependent security issues make this difficult if insurers cannot monitor the cybersecurity efforts of the insured enterprises. In this paper, we present an analysis of cyber impacts based on cyber incidents reported in the Advisen cyber loss data feed. We show: (i) how exposure to cyber incidents varies between corporate sectors; (ii) how the type of incident relates to the number of entities and individuals affected by it; (iii) how the type of incident relates to the eventual financial cost; (iv) what type of information is most frequently compromised; (v) a breakdown of the main actors behind cyber incidents; and (vi) how tree-based classifiers can be used to gain insight into cyber risk indicators affecting the cost of incidents.
Databáze:	OpenAIRE
Externí odkaz:	https://explore.openaire.eu/search/publication?articleId=doi_________::fd666a43c660cf2d076fc3dedbc18d90 https://doi.org/10.1057/s41288-020-00171-w Zobrazit plný text záznamu Full text from SpringerLink