Improving Cyber-Security via Profitable Insurance Markets-Reference-Cited by-同舟云学术

Improving Cyber-Security via Profitable Insurance Markets

Published:2018-08-28 Issue:4 Volume:45 Page:7-15
ISSN:0163-5999
Container-title:ACM SIGMETRICS Performance Evaluation Review
language:en
Short-container-title:SIGMETRICS Perform. Eval. Rev.

Author:

Pal Ranjan¹,Golubchik Leana¹,Psounis Konstantinos¹,Hui Pan²

Affiliation:

1. University of Southern California

2. HKUST

Abstract

Recent work in security has illustrated that solutions aimed at detection and elimination of security threats alone are unlikely to result in a robust cyberspace. As an orthogonal approach to mitigating security problems, some researchers have pursued the use of cyber-insurance as a suitable risk management technique. In this regard, a recent work by the authors in [1] have proposed efficient monopoly cyberinsurance markets that maximize social welfare of users in a communication network via premium discriminating them. However, the work has a major drawback in the insurer not being able to make strictly positive profit in expectation, which in turn might lead to unsuccessful insurance markets. In this paper, we provide a method (based on the model in [1]) to overcome this drawback for the risk-averse premium discriminating monopoly cyber-insurer, and prove it in theory. More specifically, we propose a non-regulatory mechanism to allow monopoly cyber-insurers to make strictly positive profit in expectation. To investigate the general effectiveness of our mechanism beyond a monopoly setting with full coverage, we conduct numerical experiments (comparing social welfare at market equilibrium) on (a) practical Internet-scale network topologies that are formed by users who are free to decide for themselves whether they want to purchase insurance or not, (b) settings of perfect and imperfect market competition, and (c) scenarios with partial insurance coverage.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Hardware and Architecture,Software

Link

https://dl.acm.org/doi/pdf/10.1145/3273996.3273999

Reference33 articles.

1. R. Pal L. Golubchik K. Psounis and P. Hui "Will cyber-insurance improve network security: A market analysis " in To Appear in IEEE INFOCOM 2014. R. Pal L. Golubchik K. Psounis and P. Hui "Will cyber-insurance improve network security: A market analysis " in To Appear in IEEE INFOCOM 2014.

2. R. Anderson and T. Moore "Information security economics and beyond " in Information Security Summit 2008. R. Anderson and T. Moore "Information security economics and beyond " in Information Security Summit 2008.

3. M. Lelarge and J. Bolot "Economic incentives to increase security in the internet: The case for insurance " in IEEE INFOCOM 2009. M. Lelarge and J. Bolot "Economic incentives to increase security in the internet: The case for insurance " in IEEE INFOCOM 2009.

4. P. Naghizadeh and M. Liu "Voluntary participation in cyber-insurance markets " in WEIS 2014. P. Naghizadeh and M. Liu "Voluntary participation in cyber-insurance markets " in WEIS 2014.

Cited by 12 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Influence of subsidy policies against insurances on controlling the propagation of epidemic security risks in networks;Applied Mathematics and Computation;2024-09

2. Regional Perspective of Using Cyber Insurance as a Tool for Protection of Agriculture 4.0;Agriculture;2024-02-18

3. How Should Enterprises Quantify and Analyze (Multi-Party) APT Cyber-Risk Exposure in their Industrial IoT Network?;ACM Transactions on Management Information Systems;2023-10-19

4. Cyberspace and Personal Cyber Insurance: A Systematic Review;Journal of Computer Information Systems;2023-04-05

5. Does Cyber-Insurance Benefit the Insured or the Attacker? – A Game of Cyber-Insurance;Lecture Notes in Computer Science;2023