Using Risk Assessments to Assess Insurability in the Context of Cyber Insurance

Bartolini, David Nicolas, Benavente Peces, César ORCID: https://orcid.org/0000-0002-2734-890X and Ahrens, Andreas (2019). Using Risk Assessments to Assess Insurability in the Context of Cyber Insurance. "E-Business and Telecommunications. ICETE 2017. Communications in Computer and Information Science,", v. 990 ; pp. 1-9. ISSN 978-3-030-11039-0. https://doi.org/10.1007/978-3-030-11039-0_16.

Description

Title: Using Risk Assessments to Assess Insurability in the Context of Cyber Insurance
Author/s:
Item Type: Article
Título de Revista/Publicación: E-Business and Telecommunications. ICETE 2017. Communications in Computer and Information Science,
Date: January 2019
ISSN: 978-3-030-11039-0
Volume: 990
Subjects:
Freetext Keywords: Cyber risk management; Cyber insurance; Information security; Data protection
Faculty: E.T.S.I. y Sistemas de Telecomunicación (UPM)
Department: Teoría de la Señal y Comunicaciones
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Full text

[thumbnail of INVE_MEM_2019_291906.pdf] PDF - Users in campus UPM only - Requires a PDF viewer, such as GSview, Xpdf or Adobe Acrobat Reader
Download (1MB)

Abstract

In the current globalisation framework where electronic transactions and data sharing is a common activity, cyber-risks analysis, protection and avoidance have become a key aspect which must be book and prioritised on the business agenda in companies. Nevertheless, this issue is difficult to analyse given the dimension of the problem and the company units and individuals and infrastructures which are involved. In consequence, cyber-insurance is considered as the appropriate mean to avoid financial losses caused by information technologies infrastructures and procedures security breaches. This paper analyses and describes how costumers and their cyber-risks should be assessed by an insurance company in order to establish the company status and implement the required actions to fix the issue. This work describes the three phases required to complete a full cyber-risk assessment and the risks evaluation. Furthermore, the paper highlights the resources that the insurer should keep in its road-map to implement the risk assessment and, thus, to determine the company insurability, and the requirements to reach such condition. After the risk analysis completion at the customer’s premises, it must be evaluated subsequently at all levels. Among other factors, this evaluation is based on 63 question criteria. In the risk assessment criteria weights are not uniformly distributed and weighting is applied according to the relevance. In particular, criteria that should receive a special attention are referred to as showstoppers.

More information

Item ID: 64042
DC Identifier: https://oa.upm.es/64042/
OAI Identifier: oai:oa.upm.es:64042
DOI: 10.1007/978-3-030-11039-0_16
Official URL: https://link.springer.com/chapter/10.1007%2F978-3-...
Deposited by: Memoria Investigacion
Deposited on: 01 Feb 2021 11:53
Last Modified: 01 Feb 2021 11:53
  • Logo InvestigaM (UPM)
  • Logo GEOUP4
  • Logo Open Access
  • Open Access
  • Logo Sherpa/Romeo
    Check whether the anglo-saxon journal in which you have published an article allows you to also publish it under open access.
  • Logo Dulcinea
    Check whether the spanish journal in which you have published an article allows you to also publish it under open access.
  • Logo de Recolecta
  • Logo del Observatorio I+D+i UPM
  • Logo de OpenCourseWare UPM