Understanding cyber-risk and cyber-insurance

Gareth W. Peters, Pavel V. Shevchenko, Ruben D. Cohen

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review


In this manuscript we explore a range of perspectives being adopted by industry and regulators in order to classify cyber crime or cyber risk loss processes. The purposes of this is to better understand and discuss the emerging perspectives on this class of risk process in order to inform management practice, data collection and ultimately loss modelling. In the second part of the manuscript we discuss the emerging market of cyber risk insurance and the challenges faced by this market resulting from the diversity of insurance coverage on offer and uncertainty relating to potential exposures and vulnerabilities associated with this risk class. Furthermore, we discuss the challenge of moral hazard that can arise in developing such insurance markets. In the third section, the manuscript discusses regulator and industry responses to cyber risk management, mitigation and insurance.
We conclude with insights and perspectives on whether cyber risk is a loss process that should be primarily covered by capital management practice, or whether it is better suited to an insurance mitigation or risk transfer based approach.
Original languageEnglish
Title of host publicationFintech
Subtitle of host publicationGrowth and Deregulation
EditorsDiane Maurice, David Fairman, Jack Freund
Place of PublicationUnited Kingdom
PublisherRisk Books
Number of pages28
ISBN (Electronic)9781782723981
ISBN (Print)9781782723875
Publication statusPublished - 19 Feb 2018


  • cyber risk
  • cyber crime
  • operational risk
  • cyber insurance
  • cyber regulation
  • Information Technology risk
  • business disruption


Dive into the research topics of 'Understanding cyber-risk and cyber-insurance'. Together they form a unique fingerprint.

Cite this