Does Insurance Have a Future in Governing Cybersecurity?

Daniel W. Woods; Tyler Moore

doi:10.1109/MSEC.2019.2935702

Does Insurance Have a Future in Governing Cybersecurity?

Research output: Contribution to journal › Article › peer-review

Abstract

Cyber insurance could achieve public policy goals for cybersecurity using private-sector means. Insurers assess organizational security postures, prescribe security procedures and controls, and provide postincident services. We evaluate how such mechanisms impact security, identify market dynamics restricting their effectiveness, and sketch out possible futures for cyber insurance as governance.

Original language	English
Pages (from-to)	21-27
Number of pages	7
Journal	IEEE Security and Privacy
Volume	18
Issue number	1
Early online date	11 Sep 2019
DOIs	https://doi.org/10.1109/MSEC.2019.2935702
Publication status	E-pub ahead of print - 11 Sep 2019

Access to Document

10.1109/MSEC.2019.2935702Licence: All Rights Reserved

https://ieeexplore.ieee.org/abstract/document/8833500Licence: All Rights Reserved

Cite this

@article{cd4327d6a38548e49146dd9765e801ee,

title = "Does Insurance Have a Future in Governing Cybersecurity?",

abstract = "Cyber insurance could achieve public policy goals for cybersecurity using private-sector means. Insurers assess organizational security postures, prescribe security procedures and controls, and provide postincident services. We evaluate how such mechanisms impact security, identify market dynamics restricting their effectiveness, and sketch out possible futures for cyber insurance as governance.",

author = "Woods, {Daniel W.} and Tyler Moore",

year = "2019",

month = sep,

day = "11",

doi = "10.1109/MSEC.2019.2935702",

language = "English",

volume = "18",

pages = "21--27",

journal = "IEEE Security and Privacy",

issn = "1540-7993",