A Framework for Cyber Security Insurance
New paper: “Policy measures and cyber insurance: a framework,” by Daniel Woods and Andrew Simpson, Journal of Cyber Policy, 2017.
Abstract: The role of the insurance industry in driving improvements in cyber security has been identified as mutually beneficial for both insurers and policy-makers. To date, there has been no consideration of the roles governments and the insurance industry should pursue in support of this public-private partnership. This paper rectifies this omission and presents a framework to help underpin such a partnership, giving particular consideration to possible government interventions that might affect the cyber insurance market. We have undertaken a qualitative analysis of reports published by policy-making institutions and organisations working in the cyber insurance domain; we have also conducted interviews with cyber insurance professionals. Together, these constitute a stakeholder analysis upon which we build our framework. In addition, we present a research roadmap to demonstrate how the ideas described might be taken forward.
Chairman Mao • August 30, 2017 4:03 PM
Yet again, bankers seeking the rentista.
FYI, I know of a company that sells a “spyware” device that Snorts up all your DMZ and internal network data. In the event you don’t buy another policy, they turn the data over to anyone — including attorneys to sue you.
The data gets stored stuffed into an internet-connected database located with a friend of the insurance company(ies).
The device/system uses a classic MITM setup.
No kidding.
Why hire an insurance company to “protect” you when their means of protection is Snort-based spyware?