A systematic literature review of cyber insurance challenges

Aziz, Baharuddin; Suhardi, .; Kurnia, Kurnia

doi:10.1109/icitsi50517.2020.9264966

Cited by 13 publications

(8 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Given that the cyber insurance domain is going through foundational development, transformation and shaping, in this paper we aimed to investigate and present an overall view of the domain today, including drivers, obstacles, practices and involved processes, status and involved stakeholders. Similar literature reviews have been performed by few researchers, including [9,10] and [11]. Our work not only updates the insights that these works provide, but it is also complementary to their findings.…”

Section: Introductionsupporting

confidence: 84%

“…ISO 27102 [23] defines a cyber incident as a cyber event that involves a loss of information security or impacts business operations. In [10], the author classifies cyber incidents into five types: system malfunction, data breach, data integrity or availability loss, human errors and malicious activities.…”

Section: Cybersecurity Insurance Policiesmentioning

confidence: 99%

“…Specifically, the authors in [9] discuss the stakeholders of cyber insurance market, aspects regarding the cyber insurance process, policies and contracts. The author in [10] particularly focuses on the challenges faced by the insured (e.g., the complexity of the insurance contract). In [11], the authors also highlight practical challenges, including how to assess cyber risks during the underwriting process and how to calculate and receive appropriate compensation.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Cyber insurance: state of the art, trends and future directions

Tsohou

Diamantopoulou

Gritzalis

et al. 2023

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Society has become increasingly dependent on IT infrastructure and services. Additionally, the pandemic of COVID-19 forced the transition of the traditional way of working (i.e., physical presence) into a more modern and flexible one (i.e., working remotely). This has led to an increase of cyberattacks, as a direct consequence of the increase of the attack surface but subsequently also led to an increased necessity for the protection of information systems. Toward the protection of information systems, cyber insurance is considered as a strategy for risk management, where necessary. Cyber insurance is emerging as an important tool to protect organizations against cyberattack-related losses. In this work, we extensively examine the relevant literature on cybersecurity insurance, research and practice, in order to draft the current landscape and present the trends.

show abstract

Section: Introductionsupporting

confidence: 84%

Section: Cybersecurity Insurance Policiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Cyber insurance: state of the art, trends and future directions

Tsohou

Diamantopoulou

Gritzalis

et al. 2023

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…Cyber insurance is believed to be an essential mechanism to protect organisations from cyber-attack that can result in data and reputation loss, thus impacting the organisation's bottom line [12][18] [19]. A recent review of the literature on this matter found that cyber insurance plays a vital role in minimizing potential losses in an organisation by mitigating the risks caused by cyber threats [18]. Fig.…”

Section: A Cyber Insurancementioning

confidence: 99%

Adoption of Cyber Insurance in Malaysian Organisations

et al. 2022

View full text Add to dashboard Cite

As businesses have embraced more and more technology, cyber risk has become one of the essential components of a risk management initiative that seeks to mitigate and analyze the multitude of new risks. One risk mitigation process is investing in cyber insurance to safeguard the organisations’ assets from cyber threats by transferring them to the insurer. For businesses to decide on cyber insurance, choosing the right insurance plan and policy is crucial. To do so, they need to consider the factors of its implementation. Therefore, this paper aims to investigate the adoption of cyber insurance in Malaysian organisations, thus further exploring the organisations' perceptions of the factors of adopting cyber insurance. A qualitative study is conducted to understand and describe Malaysian organisations’ needs, obstacles, and processes related to cyber insurance adoption by interviewing cybersecurity professionals and cyber insurance personnel to explore valuable insight into the existing knowledge. 30% of the respondents have adopted cyber insurance. While 40% of the respondents were unsure, the other 30% did not adopt cyber insurance in their organisation respectively. These insights include the factors in adopting cyber insurance among Malaysian organisations, which might be crucial for informing future research and practice in the cyber insurance industry. The novelty of this research is the overview of knowledge gaps and perceptions related to the adoption of cyber insurance in Malaysian organisations. Also, this research aims to consider the advantages of the relevant obstacles that influence the decision makers to adopt cyber insurance.

show abstract

“…Currently, different cyber insurance approaches are explored by companies, effectively expanding the market, either (a) introducing new business models and mechanisms to gain advantages or (b) improving their insurance services by using new technologies. However, critical open challenges for a cyber insurance adoption exist, e.g., the information asymmetry that has to be considered during the contract's design and the customer's eligibility for coverage [1]. Thus, different cyber insurance approaches have been proposed and new paradigms have been applied in such a context [16].…”

Section: Introductionmentioning

confidence: 99%

SaCI: A Blockchain-Based Cyber Insurance Approach for the Deployment and Management of a Contract Coverage

Franco

Berni

Scheid

et al. 2021

Economics of Grids, Clouds, Systems, and Services

View full text Add to dashboard Cite

The cyber insurance market is still in its infancy but growing fast. Novel models and standards for this particular insurance market are essential due to the use of modern IT (Information Technology) and since insurance providers need to create suitable models for customers. In this work, a refreshing approach SaCI for the deployment and management of contract coverage is introduced. SaCI translates relevant information of a cyber insurance contract to Smart Contracts (SC) running on the Blockchain (BC). Thus, SaCI (i) allows for recording agreements in an immutable way, (ii) simplifies interactions between stakeholders (e.g., customers and insurers), and (iii) ensures a trustworthy and transparent process during the life-cycle of the contract. A case study is provided to show evidence of the feasibility of the approach, which is backed by a cost analysis and discussion regarding especially the application of BCs.

show abstract

A systematic literature review of cyber insurance challenges

Cited by 13 publications

References 46 publications

Cyber insurance: state of the art, trends and future directions

Cyber insurance: state of the art, trends and future directions

Adoption of Cyber Insurance in Malaysian Organisations

SaCI: A Blockchain-Based Cyber Insurance Approach for the Deployment and Management of a Contract Coverage

Contact Info

Product

Resources

About