Skip to main content
SpringerLink
Log in

What Ails Cyber Insurance? An Analysis of Barriers and Drivers Using Fuzzy TOPSIS Method

SN Computer Science volume 5, Article number: 20 (2024) Cite this article

Abstract

The Cyber Insurance market is very puny compared to the other lines of Insurance. Despite a considerable spate of data breaches and a phenomenal increase in cybercrimes in recent years, cyber insurance does not appear to have grown proportionately, and multiple factors deter its growth. At the same time, some drivers propelling its growth remain too. While cyber-related losses are projected to exceed a few trillion USD, cyber insurance premiums languish around a few billion USD only. This paper aims to review the previously undertaken studies on cyber insurance markets and identify the key factors deterring and propelling growth. Using the Fuzzy TOPSIS method, one of the widely used methods for ranking alternatives, the authors rank the drivers in priority, which can help remove the barriers impeding the cyber insurance market growth. In addition, the authors discuss how such drivers can be implemented, learning lessons from other lines of insurance to support cyber insurance market growth. The authors conclude by stating the limitations of this study and suggesting further areas for future research.

This is a preview of subscription content, access via your institution.

Access options

Buy single article

Instant access to the full article PDF.

USD 39.95

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Data availability

Not applicable since the data supporting the findings of this study are available within the article.

References

  1. Heading S, Zahidi S. The Global Risks Report 2023 18th Edition. World Eco- nomic Forum, 2023.

  2. Statista. Estimate cost from cybersecurity Worldwide 2017–2028 (in trillion US dollars). 2023. Available: https://www.statista.com/statistics/1280009/cost-cybercrime-worldwide/.

  3. Morgan S. Top 10 Cybersecurity Predictions and Statistics for 2023," Cybersecurity Ventures, Dec 10 2022. Available: https://cybersecurityventures.com/top-5-cybersecurity-facts-figures-predictions-and-statistics-for-2021-to-2025/. (Accessed 15 05 2023).

  4. Ponemon Institute and IBM Security. Cost of a Data Breach Report 2022. IBM Corporation; 2022.

    Google Scholar 

  5. Boehme R and Schwartz G. Modeling cyber-insurance: towards a unifying framework. 2010. https://www1.icsi.berkeley.edu/pubs/networking/model-ingcyber10.pdf. (Accessed 18 09 2022).

  6. Kreuzer M, von dem Knesebeck A. Munich Re global cyber risk and insurance survey 2022. Münchner Rückversicherungs-Gesellschaft, 2022.

  7. Catlin T, Kampshoff P, Hensley R, McElhaney D. Connected revolution: the future of US auto insurance. McKinsey & Company; 2022.

    Google Scholar 

  8. Agrawal V, Balasubramanian R, Bernard P-I, Cook KC, de Nayves HC, Gestal A, Kotanko B. Global Insurance Report 2023: reimagining life insurance. McKinsey & Company; 2022.

    Google Scholar 

  9. Advisen and Zurich Insurance Group. Information security and cyber risk management. Advisen and Zurich Insurance Group; 2022.

    Google Scholar 

  10. Woods D, Agrafiotis I, Nurse JRC, Creese S. Mapping the coverage of security controls in cyber insurance proposal forms. J Internet Serv Appl. 2017. https://doi.org/10.1186/s13174-017-0059-y.

    Article  Google Scholar 

  11. ENISA. Cyber insurance: recent advances, good practices and challenges. European Union Agency for Network and Information Security; 2016.

    Google Scholar 

  12. Lloyd's Market Association. Cargo clauses page. Lloyd's Market Association, 2008. https://www.lmalloyds.com/lma/underwriting/marine/JCC/JCC_Clauses_Project/Cargo_Clauses.aspx. (Accessed 17 09 2022).

  13. Kim T. Warren buffett: cybersecurity risk ‘is uncharted territory. It’s going to get worse, not better’. CNBC, 05 05 2018. https://www.cnbc.com/2018/05/05/warren-buffett-cybersecurity-risk-isuncharted-territory-its-going-to-get-worse-not-better.html. (Accessed 17 09 2022).

  14. Logan T. The time for cyber insurance: coverage improves supply chain resiliency rapporteur summary of FDD-lockton companies tabletop exercise. Foundation for Defense of Democracies (FDD), 2020.

  15. Sullivan J and Nurse JRC. Cyber security incentives and the role of cyber insurance. Royal United Services Institute for Defence and Security Studies, 2020.

  16. Lloyd's List Intelligence. Transparent and actionable Maritime data. Maritime Insights & Intelligence Limited. https://www.lloydslistintelligence.com/about-us/our-data. (Accessed 17 09 2022).

  17. United States Government Accountability Office. Insurers and policyholders face challenges in an evolving market. United States Government Accountability Office; 2021.

    Google Scholar 

  18. Deloitte Center for Financial Services. Overcoming Challenges to cyber insurance growth. Deloitte Insights, 2020.

  19. ENISA, Neil Robinson, RAND Europe. Incentives and barriers of the cyber insurance market in Europe. European Network and Information Security Agency, 2012.

  20. Marsh & Microsoft. 2019 Global cyber risk perception survey. Marsh McLennan Insights, 2019.

  21. National Association of Insurance Commissioners (NAIC). Cyber supplement report 2022 for data year 2021. NAIC; 2022.

    Google Scholar 

  22. National Association of Insurance Commissioners (NAIC). Report on the cybersecurity insurance market. NAIC; 2021.

    Google Scholar 

  23. Arunachalam TL. Interviewee, what ails cyber insurance? 2022.

  24. Biden JR, Jr., Remarks by President Biden on the colonial pipeline incident. US Embassy & Consulates in the United Kingdom, 2021. https://uk.usembassy.gov/remarks-by-president-biden-on-the-colonial-pipeline-incident/. (Accessed 17 09 2022).

  25. Smith KT, Smith LM, Burger M, Boyle ES. Cyber terrorism cases and stock market valuation effects. Inf Comput Secur. 2023. https://doi.org/10.1108/ics-09-2022-0147.

    Article  Google Scholar 

  26. United States Department of the Treasury. Terrorism Risk Insurance Program. US Department of the Treasury. https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program. (Accessed 15 02 2023).

  27. Willis Towers Watson. Terrorism Pool Index 2022. International Forum of Terrorism Risk (Re)Insurance Pools (IFTRIP), 2022.

  28. Organization for Economic Co-operation and Development (OECD). Terrorism Risk Insurance Programmes, “Organisation for Economic Co-operation and Development (OECD)”. https://www.oecd.org/daf/fin/insurance/terrorism-risk-insurance-programmes.htm. (Accessed 04 05 2023).

  29. Ministry of Road Transport and Highways, Government of India. The Motor Vehicles Act, 1988. Ministry of Road Transport and Highways, Government of India, 1988. https://morth.nic.in/motor-vehicles-act-1988. (Accessed 20 04 2023).

  30. Tuli N and Jenkins C. The insurance and reinsurance law review: India. The Insurance and Reinsurance Law Review, 2022. https://thelawre-views.co.uk/title/the-insurance-and-reinsurance-law-review/india. (Accessed 20 04 2023).

  31. Financial Conduct Authority (FCA). Buying professional indemnity insurance. Financial Conduct Authority (FCA); 2022.

    Google Scholar 

  32. National Conference of State Legislatures (NCSL). Security breach notification laws. National Conference of State Legislatures (NCSL), 2022. https://www.ncsl.org/technology-and-communication/security-breach-notification-laws. (Accessed 20 04 2023).

  33. Ministry of Road Transport and Highways (MoRTH). National register e-services. Ministry of road transport and highways (MoRTH). https://vahan.parivahan.gov.in/nrservices/. (Accessed 10 05 2023).

  34. Ministry of Road Transport and Highways (MoRTH). SARATHI home public. Ministry of Road Transport and Highways (MoRTH). https://sarathi.parivahan.gov.in/SarathiReport/sarathiHomePublic.do. (Accessed 03 04 2023).

  35. Harris KD, General A. California data breach report 2016. California Department of Justice, 2016.

  36. Department of Defense Chief Information Officer (DoD CIO). About CMMC. Department of Defense Chief Information Officer (DoD CIO). https://dodcio.defense.gov/CMMC/about/. (Accessed 20 04 2023).

  37. PCI Security Standards Council (PCI SSC). PCI security standards. PCI Security Standards Council (PCI SSC). https://www.pcisecuritystandards.org/. (Accessed 20 04 2023).

  38. US Department of Energy (DOE). Cybersecurity capability maturity model (C2M2). US Department of Energy (DOE). https://www.energy.gov/ceser/cybersecurity-capability-maturity-model-c2m2. (Accessed 18 09 2022).

  39. Granato A, Polacek A. The growth and challenges of cyber insurance. Chicago Fed Lett. 2019. https://doi.org/10.21033/cfl-2019-426.

    Article  Google Scholar 

  40. National Cyber Security Centre (NCSC). Cyber essentials: overview. National Cyber Security Centre (NCSC). https://www.ncsc.gov.uk/cyberessentials/overview. (Accessed 14 05 2023).

  41. Innovation, Science and Economic Development Canada (ISED). CyberSecure Canada," Innovation, Science and Economic Development Canada (ISED). 2023. https://ised-isde.canada.ca/site/cybersecure-canada/en. (Accessed 20 04 2023).

  42. Carter RA, Enoizi J. Cyber war and terrorism: a common language to promote insurability. The Geneva Association; 2020.

    Google Scholar 

  43. The White House. Statement from the press secretary. Trump White House website, 2018. https://trumpwhitehouse.archives.gov/briefings-statements/statement-press-secretary-25/ (Accessed 02 03 2023).

  44. Martin A. Mondelez and Zurich reach settlement in NotPetya cyberattack insurance suit. The Record website, 2022. https://therecord.media/mondelez-and-zurich-reach-settlement-in-notpetya-cyberattack-insurance-suit. (Accessed 02 03 2023).

  45. Davison P, Mather C. Cyber war & cyber operation clauses updated. Lloyd's Market Association (LMA) website, 2023. https://www.lmalloyds.com/LMA/News/LMA_bulletins/LMA_Bulletins/LMA23-002-PD.aspx. (Accessed 02 04 2023).

  46. Brockett PL, Golden LL, Zaparolli S, Lum JM. Kidnap and ransom insurance: a strategically useful, often undiscussed, marketplace tool for international operations. Risk Manag Insur Rev. 2019;22:421–40. https://doi.org/10.1111/rmir.12134.

    Article  Google Scholar 

  47. Soyer B. Warranties in marine insurance. Routledge; 2019.

    Google Scholar 

  48. International Maritime Organization (IMO). The International Safety Management (ISM) Code. IMO website. https://www.imo.org/en/ourwork/humanelement/pages/ISMCode.aspx/ (Accessed 14 02 2023).

  49. Ernst & Young. Study on pools and on ad-hoc co(re)insurance agreements on the subscription market. Publications Office of the European Union, 2017.

  50. Faure M, Nieuwesteeg BFH. The law and economics of cyber risk pooling. NYU J Law Bus. 2018;14(3):923–63.

    Google Scholar 

  51. Organization for Economic Co-operation and Development (OECD). Enhancing financial protection against catastrophe risks: the role of catastrophe risk insurance programmes. Organisation for Economic Co-operation and Development (OECD), 2017.

  52. Joint Select Committee on Northern Australia. Inquiry into the cyclone reinsurance pool. Commonwealth of Australia, 2023.

  53. World Bank Group. Sovereign catastrophe risk pools: world bank technical contribution to the G20. Washington: World Bank; 2017.

    Book  Google Scholar 

  54. Haushofer M, Austen R, Subramaniam S. Speech by Mr Heng Swee Keat, Minister for Finance, and MAS' Board Member, at the 15th Singapore Interna- tional Reinsurance Conference on Oct 29 2018. Monetary Authority of Singapore, 2018. https://www.mas.gov.sg/news/speeches/2018/speech-at-the-15th-singapore-international-reinsurance-conference. (Accessed 18 09 2022).

  55. Bengfort H. What are health insurance rewards programs, and how do they impact HRAs?. PeopleKeep, Inc. website, 2023. https://www.people-keep.com/blog/what-are-health-insurance-rewards-programs. (Accessed 25 06 2023).

  56. Silvello A, Procaccini A. Connected insurance reshaping the health insurance industry. IntechOpen. 2020. https://doi.org/10.5772/intechopen.85123.

    Article  Google Scholar 

  57. Cyber Security Agency of Singapore (CSA). Cybersecurity Labelling Scheme (CLS). Cyber Security Agency of Singapore (CSA). https://www.csa.gov.sg/our-programmes/certification-and-labelling-schemes/cybersecurity-labelling-scheme. (Accessed 02 06 2023).

  58. ENISA (European Union Agency for Network and Information Security). EU Cybersecurity Certification FAQ. ENISA website. https://www.enisa.europa.eu/topics/certification/eu-cybersecurity-certification-faq/certification-schemes-and-cabs-faq?v2=1&tab=details. (Accessed 22 05 2023).

  59. National Cyber Security Centre (NCSC). Commercial Product Assurance (CPA). NCSC website. https://www.ncsc.gov.uk/information/commercial-product-assurance-cpa. (Accessed 22 05 2023).

  60. Chester A, Lorenz J-T, Straub M and Stüer C. The hidden benefits of value-added services in commercial lines insurance. McKinsey & Company website, 2019. https://www.mckinsey.com/industries/financial-services/our-insights/the-hidden-benefits-of-value-added-services-in-commercial-lines-insurance. (Accessed 22 05 2023).

  61. Rush D, Montalbo J, Baumann N, Evans P. Insurance trends: new world, new customers, new solutions. Deloitte UK website; 2019.

    Google Scholar 

  62. von Watzdorf S, Skorna A. How value added services influence the purchasing decision of insurance products. Int Assoc Study Insur Econ. 2017.

  63. OECD. The impact of big data and artificial intelligence (AI) in the insurance sector. OECD; 2020.

    Google Scholar 

  64. Romanosky S, Ablon L, Kuehn A, Jones T. Content analysis of cyber insurance policies: how do carriers price cyber risk?". J Cybersecur. 2019. https://doi.org/10.1093/cybsec/tyz002.

    Article  Google Scholar 

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

  1. Pondicherry University, Puducherry, 605014, India

    B. Ganapathi Subramaniam & T. Chithralekha

  2. Sri Sarada College for Women (Autonomous), Salem, Tamil Nadu, India

    B. Amudhambigai

Authors
  1. B. Ganapathi Subramaniam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. T. Chithralekha
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. B. Amudhambigai
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to B. Ganapathi Subramaniam.

Ethics declarations

Conflict of Interest

The authors declare that they have no conflict of interest.

Research Involving Human Participants and/or Animals

Not applicable.

Informed Consent

Not applicable.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the topical collection “Advances in Internet Research and Engineering 2023” guest edited by Sudarsan S. D., Mohit Sethi, and Balaji Rajendran.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and Permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ganapathi Subramaniam, B., Chithralekha, T. & Amudhambigai, B. What Ails Cyber Insurance? An Analysis of Barriers and Drivers Using Fuzzy TOPSIS Method. SN COMPUT. SCI. 5, 20 (2024). https://doi.org/10.1007/s42979-023-02266-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s42979-023-02266-2

Keywords

search

Navigation