Cyberinsurance in IT security management

IEEE Security and Privacy

Volumn 5, Issue 3, 2007, Pages 50-56

  Baer, Walter S ^a   Parkinson, Andrew ^b  

^a Annenberg Center for Communication   (United States)

^b RAND CORPORATION   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CYBERINSURANCE; INFORMATION SECURITY BREACHES; SECURITY MANAGEMENT; VIRUS ATTACKS;

COMPUTER SYSTEM FIREWALLS; COMPUTER VIRUSES; CYBERNETICS; INFORMATION TECHNOLOGY; RISK MANAGEMENT;

SECURITY OF DATA;

EID: 34250009730     PISSN: 15407993     EISSN: None     Source Type: Journal    
DOI: 10.1109/MSP.2007.57     Document Type: Article

References (20)

1. B. Schneier, "Computer Security: It's the Economics, Stupid," Workshop on the Economics of Information Security (WEIS), 2002; www2.sims.berkeley.edu/resources/affiliates/workshops/econsecurity/econws/18. doc.
2. W.S. Baer, "Rewarding IT Security in the Marketplace," Proc. 31st Research Conf. Comm., Information, and Internet Policy, 2003; http://intel.si.umich.edu/tprc/papers/2003/190/BaerITSecurity.pdf.
3. J. Kesan et al., "The Economic Case for Cyberinsurance," Univ. of Ill. Law and Economics working paper no. 2, July 2004; http://law.bepress. com/uiuclwps/papers/art2/.
4. J. Kesan et al., "Cyber-Insurance as a Market-Based Solution to the Problem of Cybersecurity," Workshop on the Economics of Information Security (WEIS), 2005; http://infosecon.net/workshop/pdf/42.pdf.
5. D. Duffy, "Safety at a Premium," CSO, Dec. 2002; www. csoonline.com/read/120902/safety.html.
6. R.S. Betterley, "CyberRisk Market Survey 2006," The Betterley Report, June 2006; www.betterley.com/products.html.
7. L. Gordon et al., 2005 CSI/FBI Computer Crime and Security Survey, Computer Security Inst., 2005; www.cpppe.umd.edu/Bookstore/Documents/ 2005CSISurvey.pdf.
8. Global Information Security Survey 2005, Ernst & Young, Nov. 2005; www.ey.com/global/download.nsf/Inter national/ Global_Information_Security_Survey_2005/ $file/ EY_Global_Information_Security_survey_2005.pdf.
9. R.P. Majuca, W. Yurcik, and J.P. Kesan, "The Evolution of Cyberinsurance," ACM Computing Research Repository (CoRR), tech. report cs.CR/0601020, Jan. 2006; www.projects.ncassr.org/econsec/ cyberinsuranceTR06.pdf.
10. D. Geer, Cyber Insecurity: The Cost of Monopoly, Computer and Comm. Industry Assoc., 2003; www.ccianet.org/papers/cyberinsecurity.pdf.
11. R. Anderson, "Why Information Security Is Hard - An Economic Perspective," Univ. of Cambridge Computer Laboratory working paper, 2001; www.ftp.cl.cam.ac. uk/ftp/users/rja14/econ.pdf.
12. H. Kunreuther and G. Heal, "Interdependent Security: The Case of Identical Agents," working paper no. 8871, Nat'l Bureau of Economic Research, 2002.
13. R. Böhme, "Cyber-Insurance Revisited," Workshop on the Economics of Information Security (WEIS), 2005; http://infosecon.net/ workshop/pdf/15.pdf.
14. R. Böhme and G. Kataria, "Models and Measures for Correlation in Cyber-Insurance," Workshop on the Economics of Information Security (WEIS), 2006; http://weis2006.econinfosec.org/docs/16.pdf.
15. H. Ogut, N. Menon, and S. Raghunathan, "Cyber Insurance and IT Security Investment: Impact of Interdependent Risk," Workshop on the Economics of Information Security (WEIS), 2005; http://infosecon.net/ workshop/pdf/56.pdf.
16. G. Carpenter, "The World Catastrophe Reinsurance Market," Guy Carpenter & Co., Aug. 2006; www.guycarp.com/portal/extranet/insights/ reports.html?vid=22.
17. H. Oellrich, "Cyber Insurance Update," The CIP Report, Dec. 2003; http://cipp.gmu.edu/archive/cip_report_2.6.
18. US Dept. of Homeland Security, The Nat'l Strategy to Secure Cyberspace, Feb. 2003; www.whitehouse.gov/pcipb/cyberspace_srtategy.pdf.
19. H.R. Varian, "Liability for Net Vandalism Should Rest with Those That Can Best Manage the Risk," The New York Times, 1 June 2000, section C, p. 2; www.ischool.berkeley.edu/~hal/people/hal/NYTimes/2000-06-01. html.
20. J. Winn, "Should Vulnerability Be Actionable? Improving Critical Infrastructure Computer Security with Trade Practices Law," George Mason Univ. Critical Infrastructure Protection Project Papers Vol. II, 2004; www.law.washington.edu/Faculty/Winn/Publications/Should_Vukierability.pdf.