IEEE Security & Privacy

Does Insurance Have a Future in Governing Cybersecurity?

Daniel W. Woods, Computer Science, University of Oxford, Oxford, Oxfordshire, United Kingdom
Tyler Moore, Cyber Security, The University of Tulsa, Tulsa, Oklahoma United States

Cyber insurance could achieve public policy goals for cybersecurity using private-sector means. Insurers assess organizational security postures, prescribe security procedures and controls, and provide postincident services. We evaluate how such mechanisms impact security, identify market dynamics restricting their effectiveness, and sketch out possible futures for cyber insurance as governance.

Join ComputingEdge Newsletter to get the article for FREE!