 Integrated cyber security risk management-insurance and investment cost analysisThomas (Yew Sing) Lee International Journal of Data Analysis Techniques and Strategies, 2024, vol. 16, issue 3, 223-261 Abstract: An insurer offers cyber insurance coverage to several firms with risk averse decision makers. The cyber insurance premium offered depends on the cyber security implemented at the firm. Each firm faces attacks by multiple types of hackers and decides on the level of investment for cyber security counter measures. We address the software monoculture issue by considering that there is common, popular software used by all firms, and it is a source of correlated risk. Two types of cyber security interdependence breaching processes due to the software monoculture risk were analysed. We derive the probability distribution for the number of breaches and develop the cyber insurance pricing model. We also introduce the concept of cyber security defence level. Furthermore, we proposed to determine the optimal cyber insurance price given a targeted defence level. Finally, we demonstrate the use of our model through several numerical examples. Keywords: cyber insurance; hacker; breaching probability; cyber security; correlated risks; software monoculture risk; defence level; integrated risk management. (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:ids:injdan:v:16:y:2024:i:3:p:223-261 Access Statistics for this article More articles in International Journal of Data Analysis Techniques and Strategies from Inderscience Enterprises Ltd |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.