Computer backup pools, disaster recovery, and default risk
Communications of the ACM
Communications of the ACM - Special issue on analysis and modeling in software development
Information systems security design methods: implications for information systems development
ACM Computing Surveys (CSUR)
Correlations and Copulas for Decision and Risk Analysis
Management Science
Technical opinion: Information system security management in the new millennium
Communications of the ACM
Information security is information risk management
Proceedings of the 2001 workshop on New security paradigms
Bayesian Networks and Decision Graphs
Bayesian Networks and Decision Graphs
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
A framework for using insurance for cyber-risk management
Communications of the ACM
Multi-perspective Enterprise Modeling (MEMO) - Conceptual Framework and Modeling Languages
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 3 - Volume 3
Insurability of Electronic Commerce Risks
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 7 - Volume 7
Why the Future Belongs to the Quants
IEEE Security and Privacy
IT Governance: How Top Performers Manage IT Decision Rights for Superior Results
IT Governance: How Top Performers Manage IT Decision Rights for Superior Results
High Severity Information Technology Risks in Finance
HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) - Track 2 - Volume 02
Budgeting process for information security expenditures
Communications of the ACM - Personal information management
e-Risk Management with Insurance: A Framework Using Copula Aided Bayesian Belief Networks
HICSS '06 Proceedings of the 39th Annual Hawaii International Conference on System Sciences - Volume 06
Fuzzy decision support system for risk analysis in e-commerce development
Decision Support Systems
Risk analysis for information technology
Journal of Management Information Systems
Toward an assessment of software development risk
Journal of Management Information Systems - Special section: Strategic and competitive information systems
IEEE Security and Privacy
Operational risk analysis in business processes
BT Technology Journal
Insuring Big Losses Due to Security Breaches through Insurance: A Business Model
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
E-Risk Management through Self Insurance: An Option Model
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Embedding Information Security into the Organization
IEEE Security and Privacy
International Journal of Electronic Commerce
Software Process: Improvement and Practice - Special Issue using ISO-IEC 15504
Identifying Software Project Risks: An International Delphi Study
Journal of Management Information Systems
Security risk assessment in electronic data processing systems
AFIPS '77 Proceedings of the June 13-16, 1977, national computer conference
Research Note---A Value-at-Risk Approach to Information Security Investment
Information Systems Research
Operational Risk: A Guide to Basel II Capital Requirements, Models, and Analysis
Operational Risk: A Guide to Basel II Capital Requirements, Models, and Analysis
Why IT managers don't go for cyber-insurance products
Communications of the ACM - Scratch Programming for All
The Artificial Intelligence
Security metrics and security investment models
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
HICSS '11 Proceedings of the 2011 44th Hawaii International Conference on System Sciences
HICSS '11 Proceedings of the 2011 44th Hawaii International Conference on System Sciences
RiskM: A multi-perspective modeling method for IT risk assessment
Information Systems Frontiers
| Hi-index | 0.00 |
Security breaches adversely impact profit margins, market capitalization and brand image of an organization. Global organizations resort to the use of technological devices to reduce the frequency of a security breach. To minimize the impact of financial losses from security breaches, we advocate the use of cyber-insurance products. This paper proposes models to help firms decide on the utility of cyber-insurance products and to what extent they can use them. In this paper, we propose a Copula-aided Bayesian Belief Network (CBBN) for cyber-vulnerability assessment (C-VA), and expected loss computation. Taking these as an input and using the concepts of collective risk modeling theory, we also compute the premium that a cyber risk insurer can charge to indemnify cyber losses. Further, to assist cyber risk insurers and to effectively design products, we propose a utility based preferential pricing (UBPP) model. UBPP takes into account risk profiles and wealth of the prospective insured firm before proposing the premium.