Abstract
As an important method of risk control in information systems and networks, cyber-insurance has attracted particular attention from both industry and academia. However, two prominent problems hamper the further growth of cyber-insurance. The correlated and interdependent properties of cyber-risks increase the economic risk of insurance companies considerably ; risk pooling can be impeded by these two properties. Further, this situation can be aggravated because cyber-insurance affects the investment for self-protection negatively. This phenomenon is regarded as the ex ante moral hazard. In this study, we establish a mathematical model based on a classic insurance theory to address the abovementioned problems, and propose an optimal cyber-insurance contract scheme that maximizes the expected utility of users. We also propose two personalized contract schemes to incentivize users to invest in self-protection under the no moral hazard and ex ante moral hazard conditions. Extensive experiments are conducted to evaluate the proposed approach, and the experimental results demonstrate the effectiveness and efficiency of the approach.
Original language | English |
---|---|
Pages (from-to) | 576-589 |
Number of pages | 14 |
Journal | Information Sciences |
Volume | 527 |
Early online date | 23 Dec 2018 |
DOIs | |
Publication status | Published - Jul 2020 |
Externally published | Yes |
Keywords
- Cyber-insurance
- Network risk
- Network security
- Utility theory