Expanding the Gordon-Loeb model to cyber-insurance
نویسندگان
چکیده
We present an economic model for decisions on competing cyber-security and cyber-insurance investment based the Gordon-Loeb in information security. consider a one-period scenario which firm may invest security measures to reduce probability of breach, or combination both. The optimal insurance under assumptions is investigated via consideration costs benefits alongside purchasing at independent premium rate. Under both exponential (constant absolute risk aversion) logarithmic relative utility functions it found that when below certain value, maximised with investment. These results suggest worthwhile undertaking provided not overly costly. believe this be first attempt integrate into classical microeconomic analysis insurance, particularly using breach determine claim. follows tradition being accessible practitioners decision makers
منابع مشابه
On the Gordon & Loeb Model for Information Security Investment
In this paper we discuss a simple and general model for evaluating optimal investment level in information security proposed by Gordon and Loeb [5]. The authors leave an open question, whether there exists some universal upper limit for the level of optimal security investments compared to the total cost of the protected information set. They also conjecture that if such a level exists, it coul...
متن کاملExternalities and the Magnitude of Cyber security Underinvestment by Private Sector Firms: A Modification of the Gordon-Loeb Model
Cyber security breaches inflict costs to consumers and businesses. The possibility also exists that a cyber security breach may shut down an entire critical infrastructure industry, putting a nation’s whole economy and national defense at risk. Hence, the issue of cyber security investment has risen to the top of the agenda of business and government executives. This paper examines how the exis...
متن کاملCyber Risk Exposure and Prospects for Cyber Insurance
This study draws attention to the ubiquitous and borderless nature of cybercrime. It examines the prospect of introducing customized cyber insurance policy in the Nigerian market. As secondary data was not available, the study conducted a survey by administering three sets of questionnaire to purposively selected top executives in four Trade Groups that rely heavily on Internet transactions for...
متن کاملAegis A Novel Cyber-Insurance Model
Recent works on Internet risk management have proposed the idea of cyber-insurance to eliminate risks due to security threats, which cannot be tackled through traditional means such as by using antivirus and antivirus softwares. In reality, an Internet user faces risks due to security attacks as well as risks due to non-security related failures (e.g., reliability faults in the form of hardware...
متن کاملcyber risk exposure and prospects for cyber insurance
this study draws attention to the ubiquitous and borderless nature of cybercrime. it examines the prospect of introducing customized cyber insurance policy in the nigerian market. as secondary data was not available, the study conducted a survey by administering three sets of questionnaire to purposively selected top executives in four trade groups that rely heavily on internet transactions for...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Computers & Security
سال: 2022
ISSN: ['0167-4048', '1872-6208']
DOI: https://doi.org/10.1016/j.cose.2021.102533