Skip to main content

Cyber Risk Insurance Framework Considerations

  • Chapter
  • First Online:
Economic and Financial Crime, Sustainability and Good Governance

Abstract

Cyber insurance is a necessity in the context of the digital transformation of society. We live in a world where the chains of usual operation, in general, and those of development and research in informatics must face the associated risks. Prevention and recovery processes are complemented by mitigation processes, which suppose, among others, complex cyber insurances, which involve a priori analyses and evaluations, before concluding the insurance policy and post-factum, after the occurrence of the insured risk.

The study seeks to substantiate the need to develop clear procedures, with levels and stages defined as much detailed as possible, formulating and assuming policies, supporting regulations, sectoral strategies to increase the level of maturity of consumers, individuals, institutions, and private legal entities, regarding protection against cyber threats. The study has identified the need for cooperation between insurers (and re-insurers alike) to provide appropriate types of coverage and exclusions, while splitting the risk among them.

We also intend to introduce in the article the schematic presentation of a reporting system to the state authority of attacks and losses generated by cyber risks, including those directed against critical infrastructures. This type of reporting can ensure transparency for the insurers about the entities they intend to ensure. Nevertheless, given the sensitive information it entails, the implementation details should be carefully thought out.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  • Badea, L., & Rangu, C. M. (2019). Asigurarea riscului cibernetic - o mare provocare cu care se confruntă economiile moderne. Revista de Studii Financiare, 6.

    Google Scholar 

  • Bobek, M. (2021). Reports of cases – Case C-245/20. Court of Justice of the European Union - Opinion of Advocate General Bobek delivered on 6 October 2021 (ECLI:EU:C:2021:822).

    Google Scholar 

  • Boer, M., & Monroe, M. F. (2019). Cyber risk insurance update: Advances in risk management. Prioritizing Prevention and Protection, Institute of International Finance.

    Google Scholar 

  • CSIS & Hackmageddon. (2022). Statistics. Retrieved from https://www.hackmageddon.com/category/security/cyber-attacks-statistics/

  • Deloitte. (2017). Demystifying Cyber insurance coverage: Clearing obstacles in a problematic but promising growth market, A report by the Deloitte Center for Financial Services. Deloitte University Press.

    Google Scholar 

  • Dempsey, K., Chawla, N. S., Johnson, A., Johnston, R., Jones, A. C., Orebaugh, A., Scholl, M., & Stine, K. (2011). Information Security Continuous Monitoring (ISCM) for federal information systems and organizations. Special Publication 800-137, National Institute of Standards and Technology (NIST), U.S. Department of Commerce.

    Book  Google Scholar 

  • European Systemic Risk Board. (2022). Warning of the European systemic risk Board of 22 September 2022 on vulnerabilities in the union financial system (ESRB/2022/7). European System of Financial Supervision.

    Google Scholar 

  • Faulkner, M. (2022). Beazley and Chubb top cyber market share. Lloyd’s List Intelligence, Informa UK Limited.

    Google Scholar 

  • Fauntleroy, J. C., Wagner, R. R., & Laura, O. A. (2015). Cyber insurance-managing cyber risk. Technical report. Institute for Defense Analyses.

    Book  Google Scholar 

  • Geneva Association. (2018). Understanding and addressing global insurance protection gaps.

    Google Scholar 

  • IBM Security. (2022). Cost of a data breach report 2022. IBM Corporation.

    Google Scholar 

  • International Association of Insurance Supervisors (IAIS). (2022). Issues paper on insurance secto operational resilience. Draft for Public Consultation.

    Google Scholar 

  • Nicola Jentzsch, Sören Preibusch, Andreas Harasser, Demosthenes Ikonomou, ENISA, Rodica Tirtea, Study on monetising privacy. An economic model for pricing personal information The European Union Agency for Network and Information Security (ENISA), 2012.

    Google Scholar 

  • Kshetri, N. (2018). The economics of cyber-insurance. IEEE Computer Society, 20(6), 9–14. https://doi.org/10.1109/MITP.2018.2874210

    Article  Google Scholar 

  • Labunets, K., Pieters, W., van Gelder, P., van Eeten, M., Branley-Bell, D., Briggs, P., Coventry, L., Vila, J., & Gómez, Y. (2019). Supporting cyberinsurance from a behavioural choice perspective. CYBECO-WP7-D7.1-v1.0-TUD.

    Google Scholar 

  • LaSalle, J. L. (2022). You may not have the cyber insurance coverage you think you do, report.

    Google Scholar 

  • Levi-Faur, D. (2011). Handbook on the politics of regulation. Edward Elgar.

    Book  Google Scholar 

  • Marotta, A., Martinelli, F., Nanni, S., Orlando, A., & Yautsiukhin, A. (2017). Cyber-insurance survey. Computer Science Review., 24, 35–61. https://doi.org/10.1016/j.cosrev.2017.01.001

    Article  Google Scholar 

  • Marsh. (2021). Financial lines: Time to build resilience - 2021 claims analysis and trends, report.

    Google Scholar 

  • North, D. C. (1999). Dealing with a nonergodic world: institutional economics: Property rights and global environment. 10 Duke Environmental Law & Policy Forum 1-12, 10(1), 1–12.

    Google Scholar 

  • Orlando, A., Marrota, A., Nanni, S., & Martinelli, F. (2017). Cyber - Insurance survey. Computer Science Review, 24(24), 35–61. https://doi.org/10.1016/j.cosrev.2017.01.001

    Article  Google Scholar 

  • Provost, R. (2002). State responsibility in international law. Editorial Routledge. https://doi.org/10.4324/9781315242439

    Book  Google Scholar 

  • Romanosky, S., Ablon, L., Kuehn, A., & Jones, T. (2019). Content analysis of cyber insurance policies: How do carriers’ price cyber risk? Journal of Cybersecurity, 5(1), tyz002. https://doi.org/10.1093/cybsec/tyz002

    Article  Google Scholar 

  • Ruef, M. (2017). Cyber insurance – Benefits and uses. Risk Rating and Methodologies.

    Google Scholar 

  • The European Union Agency for Network and Information Security (ENISA). (2015). Guideline on threats and assets, technical guidance on threats and assets in Article 13a. Retrieved from https://resilience.enisa.europa.eu/article-13/guideline_on_threats_and_assets/Guideline_on_Threats_and_Assets_v_1_1.pdf

  • The European Union Agency for Network and Information Security (ENISA). (2022). Glossary - Threat and risk management. Retrieved from https://www.enisa.europa.eu/topics/threat-risk-management/risk-management/current-risk/risk-management-inventory/glossary

  • UN Secretary-General & UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. (2015). Report (A/70/174) of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security: Note/by the Secretary-General. General Assembly, United Nations.

    Google Scholar 

  • Vasileiadis, N., Couce, A., Benito, P., Tsekeridou, S., Vila, J., Baylon, C., Cousin, M., Baylon, C., Pieters, W., Labunets, K., Briggs, P., Branley-Bell, D., & Ríos, D. (2019). Supporting cyberinsurance from a behavioural choice perspective. CYBECO WP2-D2.3(d)-v2.0-TREK.

    Google Scholar 

Download references

Acknowledgments

This paperwork was carried out under the auspices of the Center for Research on Socio-Economic Dynamics in Sustainable Development (CC-DiSEDD), Danubius University of Galati, Romania.

This work was supported by a grant of the Romanian Ministry of Education and Research, CNCS—UEFISCDI, project number PN-III-P4-ID-PCE-2020-2174, within PNCDI III.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Mircea Constantin Șcheau .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Rangu, C.M., Pană, N., Șcheau, M.C. (2023). Cyber Risk Insurance Framework Considerations. In: Achim, M.V. (eds) Economic and Financial Crime, Sustainability and Good Governance. Contributions to Finance and Accounting. Springer, Cham. https://doi.org/10.1007/978-3-031-34082-6_15

Download citation

Publish with us

Policies and ethics