Difference between revisions of "Modeling Cyber-Insurance"

From Cybersecurity Wiki
Jump to navigation Jump to search
Line 7: Line 7:
[http://www1.inf.tu-dresden.de/~rb21/publications/BS2010_Modeling_Cyber-Insurance_WEIS.pdf  ''Web'']  
[http://www1.inf.tu-dresden.de/~rb21/publications/BS2010_Modeling_Cyber-Insurance_WEIS.pdf  ''Web'']  
[http://cyber.law.harvard.edu/cybersecurity/edit/Special:Bibliography?view=&key=Bohme_Schwartz:2010&start=1&nr=1&f=wikibiblio.bib ''BibTeX'']
[http://cyber.law.harvard.edu/cybersecurity/Special:Bibliography?f=wikibiblio.bib&title=Special:Bibliography&view=detailed&action=&keyword=Bohme+Schwartz:2010 ''BibTeX'']

Revision as of 14:21, 24 June 2010

Full Title of Reference

Modeling Cyber-Insurance: Towards A Unified Framework

Full Citation

Rainer Bohme and Galina Schwartz, Modeling Cyber-Insurance: Towards A Unified Framework, Workshop on the Economics of Information Security, Harvard University, Cambridge, MA (June 2010). Web



Issues: Economics of Cybersecurity; Insurance

Key Words

Cyber-Insurance, Risk Assessment


We propose a comprehensive formal framework to classify all market models of cyber-insurance we are aware of. The framework features a common terminology and deals with the specific properties of cyber-risk in a unified way: interdependent security, correlated risk, and information asymmetries. A survey of existing models, tabulated according to our framework, reveals a discrepancy between informal arguments in favor of cyber-insurance as a tool to align incentives for better network security, and analytical results questioning the viability of a market for cyber-insurance. Using our framework, we show which parameters should be considered and endogenized in future models to close this gap.

Additional Notes and Highlights