ABSTRACT

Incentivizing Cyber Security Investment in the Power Sector Using an Extended Cyber Insurance Framework   [open pdf - 2MB]

From the Abstract: "Collaboration between the DHS Cybersecurity and Infrastructure Security Agency (CISA) and public- sector partners has revealed that a dearth of cyber- incident data combined with the unpredictability of cyber attacks have contributed to a shortfall in first-party cyber insurance protection in the critical infrastructure community. This research explores the foundations of insurance theory and adopts behavioral manipulation methods to incentivize cyber-security investment. We validate the model by applying power industry performance data from 2013-2015 to assess risk facing the industry. Results show that the model can successfully discriminate between individual power companies as well as geographic regions on the basis of risk and can recommend cyber risk- management strategies tailored to individual risk profiles. The adoption of this framework could invite more market participation, which will create a more robust cyber- incident reporting environment, contributing directly to the DHS goal of creating a national cyber- incident data repository."

Author:
Publisher:
Date:
2019-05
Copyright:
2019 by the author(s). Posted here with permission. Documents are for personal use only and not for commercial profit. See document for full rights information.
Retrieved From:
Homeland Security Affairs Journal: http://www.hsaj.org/
Format:
pdf
Media Type:
application/pdf
Source:
Homeland Security Affairs (May 2019), v.15, article 2
URL:
Help with citations