IDEAS home Printed from https://ideas.repec.org/p/arx/papers/2308.00921.html
   My bibliography  Save this paper

Incident-Specific Cyber Insurance

Author

Listed:
  • Wing Fung Chong
  • Daniel Linders
  • Zhiyu Quan
  • Linfeng Zhang

Abstract

In the current market practice, many cyber insurance products offer a coverage bundle for losses arising from various types of incidents, such as data breaches and ransomware attacks, and the coverage for each incident type comes with a separate limit and deductible. Although this gives prospective cyber insurance buyers more flexibility in customizing the coverage and better manages the risk exposures of sellers, it complicates the decision-making process in determining the optimal amount of risks to retain and transfer for both parties. This paper aims to build an economic foundation for these incident-specific cyber insurance products with a focus on how incident-specific indemnities should be designed for achieving Pareto optimality for both the insurance seller and buyer. Real data on cyber incidents is used to illustrate the feasibility of this approach. Several implementation improvement methods for practicality are also discussed.

Suggested Citation

  • Wing Fung Chong & Daniel Linders & Zhiyu Quan & Linfeng Zhang, 2023. "Incident-Specific Cyber Insurance," Papers 2308.00921, arXiv.org.
    • Handle: RePEc:arx:papers:2308.00921
    as

    Download full text from publisher

    File URL: http://arxiv.org/pdf/2308.00921
    File Function: Latest version
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Dacorogna, Michel & Debbabi, Nehla & Kratz, Marie, 2023. "Building up cyber resilience by better grasping cyber risk via a new algorithm for modelling heavy-tailed data," European Journal of Operational Research, Elsevier, vol. 311(2), pages 708-729.
    2. Eling, Martin & Wirfs, Jan, 2019. "What are the actual costs of cyber risk events?," European Journal of Operational Research, Elsevier, vol. 272(3), pages 1109-1119.
    3. Wing Fung Chong & Runhuan Feng & Hins Hu & Linfeng Zhang, 2022. "Cyber Risk Assessment for Capital Management," Papers 2205.08435, arXiv.org, revised Jan 2025.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Matteo Malavasi & Gareth W. Peters & Stefan Treuck & Pavel V. Shevchenko & Jiwook Jang & Georgy Sofronov, 2024. "Cyber Risk Taxonomies: Statistical Analysis of Cybersecurity Risk Classifications," Papers 2410.05297, arXiv.org.
    2. Kaur, Harpreet & Gupta, Mahima & Singh, Surya Prakash, 2024. "Integrated model to optimize supplier selection and investments for cyber resilience in digital supply chains," International Journal of Production Economics, Elsevier, vol. 275(C).
    3. Pavel V. Shevchenko & Jiwook Jang & Matteo Malavasi & Gareth W. Peters & Georgy Sofronov & Stefan Truck, 2022. "The Nature of Losses from Cyber-Related Events: Risk Categories and Business Sectors," Papers 2202.10189, arXiv.org, revised Mar 2022.
    4. Matteo Malavasi & Gareth W. Peters & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang & Georgy Sofronov, 2021. "Cyber Risk Frequency, Severity and Insurance Viability," Papers 2111.03366, arXiv.org, revised Mar 2022.
    5. Suyuan Luo & Tsan‐Ming Choi, 2022. "E‐commerce supply chains with considerations of cyber‐security: Should governments play a role?," Production and Operations Management, Production and Operations Management Society, vol. 31(5), pages 2107-2126, May.
    6. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    7. Uddin, Md Hamid & Mollah, Sabur & Islam, Nazrul & Ali, Md Hakim, 2023. "Does digital transformation matter for operational risk exposure?," Technological Forecasting and Social Change, Elsevier, vol. 197(C).
    8. Julien Hambuckers & Marie Kratz & Antoine Usseglio-Carleve, 2023. "Efficient Estimation In Extreme Value Regression Models Of Hedge Fund Tail Risks," Working Papers hal-04090916, HAL.
    9. Gabriela Zeller & Matthias Scherer, 2023. "Risk mitigation services in cyber insurance: optimal contract design and price structure," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 502-547, April.
    10. Denuit, Michel & Ortega-Jimenez, Patricia & Robert, Christian Y., 2024. "No-sabotage under conditional mean risk sharing of dependent-by-mixture insurance losses," LIDAM Discussion Papers ISBA 2024019, Université catholique de Louvain, Institute of Statistics, Biostatistics and Actuarial Sciences (ISBA).
    11. Bennet Skarczinski & Mathias Raschke & Frank Teuteberg, 2023. "Modelling maximum cyber incident losses of German organisations: an empirical study and modified extreme value distribution approach," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 463-501, April.
    12. Michel Dacorogna & Marie Kratz, 2022. "Special Issue “Cyber Risk and Security”," Risks, MDPI, vol. 10(6), pages 1-4, May.
    13. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang, 2022. "Cyber Loss Model Risk Translates to Premium Mispricing and Risk Sensitivity," Papers 2202.10588, arXiv.org, revised Mar 2023.
    14. Cristian Roner & Claudia Di Caterina & Davide Ferrari, 2021. "Exponential Tilting for Zero-inflated Interval Regression with Applications to Cyber Security Survey Data," BEMPS - Bozen Economics & Management Paper Series BEMPS85, Faculty of Economics and Management at the Free University of Bozen.
    15. Domenico Giovanni & Arturo Leccadito & Marco Pirra, 2021. "On the determinants of data breaches: A cointegration analysis," Decisions in Economics and Finance, Springer;Associazione per la Matematica, vol. 44(1), pages 141-160, June.
    16. Yuyu Chen & Seva Shneer, 2024. "Risk aggregation and stochastic dominance for a class of heavy-tailed distributions," Papers 2408.15033, arXiv.org, revised Dec 2024.
    17. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    18. Yin-Yee Leong & Yen-Chih Chen, 2020. "Cyber risk cost and management in IoT devices-linked health insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 737-759, October.
    19. Frank Cremer & Barry Sheehan & Michael Fortmann & Arash N. Kia & Martin Mullins & Finbarr Murphy & Stefan Materne, 2022. "Cyber risk and cybersecurity: a systematic review of data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 47(3), pages 698-736, July.
    20. Spencer Wheatley & Annette Hofmann & Didier Sornette, 2021. "Addressing insurance of data breach cyber risks in the catastrophe framework," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 46(1), pages 53-78, January.

    More about this item

    NEP fields

    This paper has been announced in the following NEP Reports:

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:arx:papers:2308.00921. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: arXiv administrators (email available below). General contact details of provider: http://arxiv.org/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.