The rapid development of cyber insurance market brings forward the question about the effect of cyber insurance on cyber security. Some researchers believe that the effect should be positive as organisations will be forced to maintain a high level of security in order to pay lower premiums. On the other hand, other researchers conduct a theoretical analysis and demonstrate that availability of cyber insurance may result in lower investments in security. In this paper we propose a mathematical analysis of a cyber-insurance model in a non-competitive market. We prove that with a right pricing strategy it is always possible to ensure that security investments are at least as high as without insurance. Our general theoretical analysis is confirmed by specific cases using CARA and CRRA utility functions.
Preventing the drop in security investments for non-competitive cyber-insurance market
Martinelli Fabio;Orlando Albina;Uuganbayar Ganbayar;Yautsiukhin Artsiom
2018
Abstract
The rapid development of cyber insurance market brings forward the question about the effect of cyber insurance on cyber security. Some researchers believe that the effect should be positive as organisations will be forced to maintain a high level of security in order to pay lower premiums. On the other hand, other researchers conduct a theoretical analysis and demonstrate that availability of cyber insurance may result in lower investments in security. In this paper we propose a mathematical analysis of a cyber-insurance model in a non-competitive market. We prove that with a right pricing strategy it is always possible to ensure that security investments are at least as high as without insurance. Our general theoretical analysis is confirmed by specific cases using CARA and CRRA utility functions.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
