IDEAS home Printed from https://ideas.repec.org/a/bla/rmgtin/v27y2024i1p57-87.html
   My bibliography  Save this article

Bridging the cyber protection gap: An investigation into the efficacy of the German cyber insurance market

Author

Listed:
  • Frank Cremer
  • Barry Sheehan
  • Michael Fortmann
  • Martin Mullins
  • Finbarr Murphy
  • Stefan Materne

Abstract

Cybersecurity requires an effective risk transfer regime and a well‐functioning insurance market to improve stakeholder resilience. However, rapid cyber threat adaptation, limited data availability, and inadequate risk understanding pose significant challenges for the insurance industry and its customers. This research uses a mixed methods approach to analyze the inclusions, exclusions, and suitability of current cyber policies in the German cyber insurance market. The study analyzes 41 cyber insurance policies, representing about 80% of the German cyber insurance market. This examination is supported by semistructured interviews with 23 cyber insurance experts. The authors find that there are no standardized cyber policy wordings, and insurers use different terms and definitions in their insurance policies. Specifically, the results show a significant lack of clarity around coverages and exclusions. This research contributes to the cybersecurity risk management community and will enable businesses, insurance companies, and policymakers to better understand, measure, and manage cyber risk.

Suggested Citation

  • Frank Cremer & Barry Sheehan & Michael Fortmann & Martin Mullins & Finbarr Murphy & Stefan Materne, 2024. "Bridging the cyber protection gap: An investigation into the efficacy of the German cyber insurance market," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 27(1), pages 57-87, April.
  • Handle: RePEc:bla:rmgtin:v:27:y:2024:i:1:p:57-87
    DOI: 10.1111/rmir.12261
    as

    Download full text from publisher

    File URL: https://doi.org/10.1111/rmir.12261
    Download Restriction: no

    File URL: https://libkey.io/10.1111/rmir.12261?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Samuel Foli & Susanne Durst & Lidia Davies & Serdal Temel, 2022. "Supply Chain Risk Management in Young and Mature SMEs," JRFM, MDPI, vol. 15(8), pages 1-15, July.
    2. Daniel Woods & Andrew Simpson, 2017. "Policy measures and cyber insurance: a framework," Journal of Cyber Policy, Taylor & Francis Journals, vol. 2(2), pages 209-226, May.
    3. Martin Eling, 2018. "Cyber Risk and Cyber Risk Insurance: Status Quo and Future Research," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 43(2), pages 175-179, April.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Dirk Wrede & Tino Stegen & Johann-Matthias Schulenburg, 2020. "Affirmative and silent cyber coverage in traditional insurance policies: Qualitative content analysis of selected insurance products from the German insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 657-689, October.
    2. Eva Boj del Val & M. Mercè Claramunt Bielsa & Xavier Varea Soler, 2020. "Role of Private Long-Term Care Insurance in Financial Sustainability for an Aging Society," Sustainability, MDPI, vol. 12(21), pages 1-21, October.
    3. Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
    4. Zängerle, Daniel & Schiereck, Dirk, 2022. "Modelling and predicting enterprise‑level cyber risks in the context of sparse data availability," Publications of Darmstadt Technical University, Institute for Business Studies (BWL) 136276, Darmstadt Technical University, Department of Business Administration, Economics and Law, Institute for Business Studies (BWL).
    5. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang, 2022. "Cyber Loss Model Risk Translates to Premium Mispricing and Risk Sensitivity," Papers 2202.10588, arXiv.org, revised Mar 2023.
    6. Sylwia Nieszporska, 2022. "Grey systems in the management of demand for palliative care services in Poland," Health Economics Review, Springer, vol. 12(1), pages 1-13, December.
    7. Daniel W. Woods & Jessica Weinkle, 2020. "Insurance definitions of cyber war," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 639-656, October.
    8. Maria Richert & Marek Dudek, 2023. "Risk Mapping: Ranking and Analysis of Selected, Key Risk in Supply Chains," JRFM, MDPI, vol. 16(2), pages 1-30, January.
    9. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    10. M. Martin Boyer, 2020. "Cyber insurance demand, supply, contracts and cases," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 559-563, October.
    11. Rui Fang & Maochao Xu & Peng Zhao, 2020. "Should the Ransomware be Paid?," Papers 2010.06700, arXiv.org.
    12. Michael McShane & Trung Nguyen, 0. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-36.
    13. Lukáš Pavlík & Martin Ficek & Jakub Rak, 2022. "Dynamic Assessment of Cyber Threats in the Field of Insurance," Risks, MDPI, vol. 10(12), pages 1-21, November.
    14. Valentin Nikolaenko & Anatoly Sidorov, 2023. "Assessing the Maturity Level of Risk Management in IT Projects," Sustainability, MDPI, vol. 15(17), pages 1-19, August.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bla:rmgtin:v:27:y:2024:i:1:p:57-87. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wiley Content Delivery (email available below). General contact details of provider: http://www.blackwellpublishing.com/journal.asp?ref=1098-1616 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.