Abstract
Cyber insurance is a necessity in the context of the digital transformation of society. We live in a world where the chains of usual operation, in general, and those of development and research in informatics must face the associated risks. Prevention and recovery processes are complemented by mitigation processes, which suppose, among others, complex cyber insurances, which involve a priori analyses and evaluations, before concluding the insurance policy and post-factum, after the occurrence of the insured risk.
The study seeks to substantiate the need to develop clear procedures, with levels and stages defined as much detailed as possible, formulating and assuming policies, supporting regulations, sectoral strategies to increase the level of maturity of consumers, individuals, institutions, and private legal entities, regarding protection against cyber threats. The study has identified the need for cooperation between insurers (and re-insurers alike) to provide appropriate types of coverage and exclusions, while splitting the risk among them.
We also intend to introduce in the article the schematic presentation of a reporting system to the state authority of attacks and losses generated by cyber risks, including those directed against critical infrastructures. This type of reporting can ensure transparency for the insurers about the entities they intend to ensure. Nevertheless, given the sensitive information it entails, the implementation details should be carefully thought out.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Badea, L., & Rangu, C. M. (2019). Asigurarea riscului cibernetic - o mare provocare cu care se confruntă economiile moderne. Revista de Studii Financiare, 6.
Bobek, M. (2021). Reports of cases – Case C-245/20. Court of Justice of the European Union - Opinion of Advocate General Bobek delivered on 6 October 2021 (ECLI:EU:C:2021:822).
Boer, M., & Monroe, M. F. (2019). Cyber risk insurance update: Advances in risk management. Prioritizing Prevention and Protection, Institute of International Finance.
CSIS & Hackmageddon. (2022). Statistics. Retrieved from https://www.hackmageddon.com/category/security/cyber-attacks-statistics/
Deloitte. (2017). Demystifying Cyber insurance coverage: Clearing obstacles in a problematic but promising growth market, A report by the Deloitte Center for Financial Services. Deloitte University Press.
Dempsey, K., Chawla, N. S., Johnson, A., Johnston, R., Jones, A. C., Orebaugh, A., Scholl, M., & Stine, K. (2011). Information Security Continuous Monitoring (ISCM) for federal information systems and organizations. Special Publication 800-137, National Institute of Standards and Technology (NIST), U.S. Department of Commerce.
European Systemic Risk Board. (2022). Warning of the European systemic risk Board of 22 September 2022 on vulnerabilities in the union financial system (ESRB/2022/7). European System of Financial Supervision.
Faulkner, M. (2022). Beazley and Chubb top cyber market share. Lloyd’s List Intelligence, Informa UK Limited.
Fauntleroy, J. C., Wagner, R. R., & Laura, O. A. (2015). Cyber insurance-managing cyber risk. Technical report. Institute for Defense Analyses.
Geneva Association. (2018). Understanding and addressing global insurance protection gaps.
IBM Security. (2022). Cost of a data breach report 2022. IBM Corporation.
International Association of Insurance Supervisors (IAIS). (2022). Issues paper on insurance secto operational resilience. Draft for Public Consultation.
Nicola Jentzsch, Sören Preibusch, Andreas Harasser, Demosthenes Ikonomou, ENISA, Rodica Tirtea, Study on monetising privacy. An economic model for pricing personal information The European Union Agency for Network and Information Security (ENISA), 2012.
Kshetri, N. (2018). The economics of cyber-insurance. IEEE Computer Society, 20(6), 9–14. https://doi.org/10.1109/MITP.2018.2874210
Labunets, K., Pieters, W., van Gelder, P., van Eeten, M., Branley-Bell, D., Briggs, P., Coventry, L., Vila, J., & Gómez, Y. (2019). Supporting cyberinsurance from a behavioural choice perspective. CYBECO-WP7-D7.1-v1.0-TUD.
LaSalle, J. L. (2022). You may not have the cyber insurance coverage you think you do, report.
Levi-Faur, D. (2011). Handbook on the politics of regulation. Edward Elgar.
Marotta, A., Martinelli, F., Nanni, S., Orlando, A., & Yautsiukhin, A. (2017). Cyber-insurance survey. Computer Science Review., 24, 35–61. https://doi.org/10.1016/j.cosrev.2017.01.001
Marsh. (2021). Financial lines: Time to build resilience - 2021 claims analysis and trends, report.
North, D. C. (1999). Dealing with a nonergodic world: institutional economics: Property rights and global environment. 10 Duke Environmental Law & Policy Forum 1-12, 10(1), 1–12.
Orlando, A., Marrota, A., Nanni, S., & Martinelli, F. (2017). Cyber - Insurance survey. Computer Science Review, 24(24), 35–61. https://doi.org/10.1016/j.cosrev.2017.01.001
Provost, R. (2002). State responsibility in international law. Editorial Routledge. https://doi.org/10.4324/9781315242439
Romanosky, S., Ablon, L., Kuehn, A., & Jones, T. (2019). Content analysis of cyber insurance policies: How do carriers’ price cyber risk? Journal of Cybersecurity, 5(1), tyz002. https://doi.org/10.1093/cybsec/tyz002
Ruef, M. (2017). Cyber insurance – Benefits and uses. Risk Rating and Methodologies.
The European Union Agency for Network and Information Security (ENISA). (2015). Guideline on threats and assets, technical guidance on threats and assets in Article 13a. Retrieved from https://resilience.enisa.europa.eu/article-13/guideline_on_threats_and_assets/Guideline_on_Threats_and_Assets_v_1_1.pdf
The European Union Agency for Network and Information Security (ENISA). (2022). Glossary - Threat and risk management. Retrieved from https://www.enisa.europa.eu/topics/threat-risk-management/risk-management/current-risk/risk-management-inventory/glossary
UN Secretary-General & UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. (2015). Report (A/70/174) of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security: Note/by the Secretary-General. General Assembly, United Nations.
Vasileiadis, N., Couce, A., Benito, P., Tsekeridou, S., Vila, J., Baylon, C., Cousin, M., Baylon, C., Pieters, W., Labunets, K., Briggs, P., Branley-Bell, D., & Ríos, D. (2019). Supporting cyberinsurance from a behavioural choice perspective. CYBECO WP2-D2.3(d)-v2.0-TREK.
Acknowledgments
This paperwork was carried out under the auspices of the Center for Research on Socio-Economic Dynamics in Sustainable Development (CC-DiSEDD), Danubius University of Galati, Romania.
This work was supported by a grant of the Romanian Ministry of Education and Research, CNCS—UEFISCDI, project number PN-III-P4-ID-PCE-2020-2174, within PNCDI III.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Rangu, C.M., Pană, N., Șcheau, M.C. (2023). Cyber Risk Insurance Framework Considerations. In: Achim, M.V. (eds) Economic and Financial Crime, Sustainability and Good Governance. Contributions to Finance and Accounting. Springer, Cham. https://doi.org/10.1007/978-3-031-34082-6_15
Download citation
DOI: https://doi.org/10.1007/978-3-031-34082-6_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-34081-9
Online ISBN: 978-3-031-34082-6
eBook Packages: Economics and FinanceEconomics and Finance (R0)