Does Insurance Have a Future in Governing Cybersecurity?

Daniel W. Woods, Tyler Moore

Research output: Contribution to journalArticlepeer-review


Cyber insurance could achieve public policy goals for cybersecurity using private-sector means. Insurers assess organizational security postures, prescribe security procedures and controls, and provide postincident services. We evaluate how such mechanisms impact security, identify market dynamics restricting their effectiveness, and sketch out possible futures for cyber insurance as governance.
Original languageEnglish
Pages (from-to)21-27
Number of pages7
JournalIEEE Security and Privacy
Issue number1
Early online date11 Sep 2019
Publication statusE-pub ahead of print - 11 Sep 2019


Dive into the research topics of 'Does Insurance Have a Future in Governing Cybersecurity?'. Together they form a unique fingerprint.

Cite this