Kerstin Awiszus, Yannick Bell, Jan Lüttringhaus, Gregor Svindland, Alexander Voß, Stefan Weber
{"title":"Building resilience in cybersecurity: An artificial lab approach","authors":"Kerstin Awiszus, Yannick Bell, Jan Lüttringhaus, Gregor Svindland, Alexander Voß, Stefan Weber","doi":"10.1111/jori.12450","DOIUrl":null,"url":null,"abstract":"<p>Based on classical contagion models we introduce an <i>artificial cyber lab</i>: the digital twin of a complex cyber system in which possible cyber resilience measures may be implemented and tested. Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators. Moreover, from an insurance point of view, we provide first attempts to design systemic cyber risk obligations and to measure the systemic risk contribution of individual policyholders.</p>","PeriodicalId":51440,"journal":{"name":"Journal of Risk and Insurance","volume":"91 3","pages":"753-800"},"PeriodicalIF":2.1000,"publicationDate":"2023-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1111/jori.12450","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Risk and Insurance","FirstCategoryId":"96","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1111/jori.12450","RegionNum":3,"RegionCategory":"经济学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}
引用次数: 0
Abstract
Based on classical contagion models we introduce an artificial cyber lab: the digital twin of a complex cyber system in which possible cyber resilience measures may be implemented and tested. Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators. Moreover, from an insurance point of view, we provide first attempts to design systemic cyber risk obligations and to measure the systemic risk contribution of individual policyholders.
期刊介绍:
The Journal of Risk and Insurance (JRI) is the premier outlet for theoretical and empirical research on the topics of insurance economics and risk management. Research in the JRI informs practice, policy-making, and regulation in insurance markets as well as corporate and household risk management. JRI is the flagship journal for the American Risk and Insurance Association, and is currently indexed by the American Economic Association’s Economic Literature Index, RePEc, the Social Sciences Citation Index, and others. Issues of the Journal of Risk and Insurance, from volume one to volume 82 (2015), are available online through JSTOR . Recent issues of JRI are available through Wiley Online Library. In addition to the research areas of traditional strength for the JRI, the editorial team highlights below specific areas for special focus in the near term, due to their current relevance for the field.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
