A framework for using insurance for cyber-risk management

被引：121

作者：

Gordon, LA ^{[1
]}

Loeb, MP ^{[1
]}

Sohail, T ^{[1
]}

机构：

[1] Univ Maryland, Sch Business, College Pk, MD 20742 USA

来源：

COMMUNICATIONS OF THE ACM | 2003年 / 46卷 / 03期

关键词：

D O I：

10.1145/636772.636774

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Various aspects related to the use of recently developed cyber-risk insurance policies aimed at providing coverage against losses from internet related breaches in information security are discussed. A generic framework for using cyber-risk insurance for helping to manage information security risk is described. The framework is based on the entire risk management process and includes a comprehensive four-step cyber-risk insurance decision plan. Various aspects related to pricing of such insurance policies, and the effects that may arise out of adverse selection are also discussed.

引用

页码：81 / 85

页数：5