Using Risk Assessments to Assess Insurability in the Context of Cyber Insurance

• Published in: E-Business and Telecommunications pp. 337 - 345
• Main Authors: Bartolini, David Nicolas, Benavente-Peces, Cesar, Ahrens, Andreas
• Format: Book Chapter
• Language: English
• Published: Cham Springer International Publishing 18.01.2019
• Series: Communications in Computer and Information Science
• Subjects: Cyber insurance; Cyber risk management; Data protection; Information security
• ISBN: 9783030110383; 3030110389
• ISSN: 1865-0929; 1865-0937
• DOI: 10.1007/978-3-030-11039-0_16

In the current globalisation framework where electronic transactions and data sharing is a common activity, cyber-risks analysis, protection and avoidance have become a key aspect which must be book and prioritised on the business agenda in companies. Nevertheless, this issue is difficult to analyse given the dimension of the problem and the company units and individuals and infrastructures which are involved. In consequence, cyber-insurance is considered as the appropriate mean to avoid financial losses caused by information technologies infrastructures and procedures security breaches. This paper analyses and describes how costumers and their cyber-risks should be assessed by an insurance company in order to establish the company status and implement the required actions to fix the issue. This work describes the three phases required to complete a full cyber-risk assessment and the risks evaluation. Furthermore, the paper highlights the resources that the insurer should keep in its road-map to implement the risk assessment and, thus, to determine the company insurability, and the requirements to reach such condition. After the risk analysis completion at the customer’s premises, it must be evaluated subsequently at all levels. Among other factors, this evaluation is based on 63 question criteria. In the risk assessment criteria weights are not uniformly distributed and weighting is applied according to the relevance. In particular, criteria that should receive a special attention are referred to as showstoppers.