
CYBECO: Supporting Cyberinsurance from a Behavioural Choice Perspective (PowerPoint presentation)



  1. CYBECO: “Supporting Cyberinsurance from a Behavioural Choice Perspective” Lorentz Cyberinsurance Open Day March 27, 2019

  2. Objective
     ➢ Research and develop a framework for managing cybersecurity risks, focused on cyberinsurance as the key risk management treatment
     ➢ How?
       ✓ By transferring risk from the insured companies to the insurance providers
       ✓ By providing incentives for improving security

  3. Challenges
     ➢ Lack of data => incomplete overall risk picture => inability of insurance companies to design their offerings
     ➢ Companies deciding on whether to buy cyberinsurance or not

  4. Activities
     ➢ Develop a cybersecurity risk management model
       ✓ Intentionality of adversaries
       ✓ Cyberinsurance in the risk management portfolio
       ✓ Structured expert judgement methodologies for little data
       ✓ Cyber security behavioural and psychological findings
     ➢ Develop a decision support tool, the CYBECO Toolbox, implementing the modelling framework
     ➢ Conduct behavioural experiments to validate the models and tool
     ➢ Provide policy recommendations to cover policy gaps

  5. Cyber Insurance Ecosystem & Policy Recommendations Kate Labunets & Wolter Pieters TU Delft

  6. Our goal
     • What could be optimized in cyber insurance governance?
     • Our approach is to identify
       – cyber insurance stakeholders,
       – their relations,
       – their goals, and
       – policy measures.

  7. Cyber insurance ecosystem (stakeholder map; the figure is reconstructed here as a list of actors and their relations)
     • Insurer ↔ Company: the company pays premiums; the insurer covers losses due to cyber risk
     • Insurance broker ↔ Company / Insurer: negotiates conditions, collects necessary data, gives advice on cyber insurance offerings
     • Reinsurance provider → Insurer: covers part of the insurer's losses
     • Research provider ↔ Insurer: research clients; provides research results
     • Interests of insurers (e.g., insurance federation) → Policymaker: policy recommendations
     • Policymaker: sets policy
     • Insurance regulator → Insurer: compliance with insurance regulations
     • Expert ↔ Insurer: request for a specific expertise
     • Security company: security services for the insurer and its clients; provides security services to the company
     • Company: invests in security controls; compliance with regulations (sector regulator); provides product/service to the consumer
     • Vendor → Company: provides product/service
     • Interests of consumers (e.g., consumer rights supervisory authority); interests of companies (e.g., SME association)
     • Threat → Company: damage or steal the company's assets

  8. Actors’ objectives toward cyber insurance
     • Companies
       – Get advice on security investments
       – Cover possible losses related to cyber risk
       – Help with incident response
     • Brokers
       – Provide high quality advice about cyber risks
       – Make profit
     • Insurance providers
       – Increase market share
       – Have better actuarial data
       – Profitable business
     • Regulator/government
       – Increase overall level of security
       – Resilient ecosystem

  9. Policy measures [1]
     • Wider adoption
       – Legislation creating a financial cost to cyber events
       – Raise awareness about gaps in traditional insurance products
       – Governments to exercise their procurement power to support market development
       – Mandate insurance for organisations in certain industries
     • Defining coverage
       – Encourage the use of cyber exclusions in non-cyber policies
       – Standardise wording of cyber insurance policies
       – Provide certification for acts of cyber war or terrorism
     [1] Woods, D. and Simpson, A., 2017. Policy measures and cyber insurance: a framework. Journal of Cyber Policy, 2(2), pp. 209-226.

  10. Policy measures
     • Data collection
       – Standard data formats for assessment or claims process
       – Minimum standards for data collection in assessment process
       – Government collects high-level data on the insurance market
     • Information sharing
       – Make data held by government agencies available
       – Open up access to existing information-sharing initiatives
       – Mandate other organisations to make data available
       – Government to create a cyber incident data repository

  11. Policy measures
     • Best practices
       – Government can define information security best practice
       – Lead organisations to best practice through regulation
       – Clarify liability related to insurers giving security advice
     • Catastrophic loss
       – Government to act as insurer of last resort
         • Collect funds ex-ante or ex-post
         • Joining scheme is optional or mandatory
         • Premium priced according to underlying risk or priced according to amount of insurance sold
         • Upper limit on the amount the government will cover
         • Upper limit on the amount one insured can claim

  12. Mapping goals and policy measures

  13. CYBECO models for cyber security risk management David Rios (CSIC-ICMAT)

  14. Cyber security risk management

  15. Cyber security risk management

  16. Cyber security risk management

  17. CYBECO security risk management
     • Intentionality. Modeling attackers through Adversarial Risk Analysis (robustness, ‘smoothness’, improved forecasts)
     • Structured expert judgement when data unavailable
     • Cyber insurance
     • Constraints
     • Preference models
     • Templates, parametrised models, catalogs
     • Sensitivity analysis

  18. Cyber security risk management

  19. Cyber security risk management

  20. Cyber security risk management

  21. Cyber security risk management

  22. Cyber security risk management Parametrised models

  23. Other relevant issues
     • Implementing computations
     • Insider threats
     • Third parties
     • Building the forecasting models
     • Turning this into a DSS tool
     • Behavioral aspects
     • Cyber risk management cycle

  24. Other models or model uses
     • Pricing. Maximum price
     • ROSI
     • Market segmentation
     • Granting an insurance
     • Reinsurance

  25. CYBECO Toolbox Vassilis Chatzigiannakis (Intrasoft International) Aitor Couce Vieira (CSIC-ICMAT)

  26. CYBECO Toolbox scope
     • Web-based information and consultancy tool that includes decision-support elements
     • It facilitates decisions about IT security investments
     • It is based on the results of the CYBECO research and modeling tasks
     • Summarizes the most important recommendations for the design, implementation, monitoring, evaluation and exploitation of the CYBECO models
     • Enables policy makers, insurance operators and interested enterprises
       • to obtain easy access to information on relevant concepts of cybersecurity insurance,
       • to use a framework of analysis and give feedback on the details of the deployment of the CYBECO models in real world settings

  27. CYBECO Toolbox features
     • Can be used by non-experts
     • Translates the Adversarial Risk Assessment models into a system of algorithms
     • Provides support for three modes of Risk Analysis
     • Is supported by a Knowledge Base that:
       • Contains hierarchical taxonomies of entities used in the Risk Analysis Cases
       • Contains information about related cybersecurity entities such as threats or security controls
       • All entities in the KB are interconnected

  28. Supported Risk Analysis Cases (the slide arranges the three modes along two axes: computation speed and complexity)
     • Knowledge Base Risk Analysis Case (pre-simulated results): options and results are stored in the DB.
     • Calculation-based Risk Analysis Cases (semi-simulated results): options and partial results are stored in the DB; final results are calculated dynamically.
     • R-based Risk Analysis Templates (fully simulated results): runs the simulation on demand in the background and notifies the user when results are ready.

  29. CYBECO Toolbox demonstration
     Presented Risk Analysis Case:
     • A single SME facing cybersecurity risks.
     Goal:
     – To choose the optimal cyber security portfolio and cyber insurance product.
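As an added illustration of the decision the demo case poses (this is not the CYBECO model or Toolbox code), the following Python script picks the cheapest combination of security controls and insurance product by expected annual cost. Every threat probability, loss figure, control cost and policy term is a constructed sample value; the model assumes that controls reduce incident probability independently of each other and that the insurer pays the loss above a deductible up to a per-incident limit, and it leaves out the adversarial (ARA) and preference modelling the earlier slides list.

```python
"""Toy expected-cost model for an SME choosing security controls plus a cyber insurance
product. Added illustration with constructed numbers; not the CYBECO model."""
from dataclasses import dataclass
from itertools import combinations
from typing import Dict, List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Threat:
    name: str
    annual_prob: float  # chance of a successful incident in a year (constructed)
    loss: float         # loss if the incident happens (constructed)


@dataclass(frozen=True)
class Control:
    name: str
    annual_cost: float
    reduction: Dict[str, float]  # threat name -> fraction of its probability removed


@dataclass(frozen=True)
class Policy:
    name: str
    premium: float
    deductible: float
    limit: float  # maximum payout per incident


# Constructed sample data (hypothetical values, not from the slides).
THREATS = [
    Threat("Ransomware", annual_prob=0.20, loss=150_000.0),
    Threat("Data breach", annual_prob=0.10, loss=400_000.0),
]
CONTROLS = [
    Control("Offline backups", 5_000.0, {"Ransomware": 0.6}),
    Control("MFA", 3_000.0, {"Data breach": 0.5, "Ransomware": 0.2}),
    Control("Awareness training", 2_000.0, {"Ransomware": 0.3, "Data breach": 0.2}),
]
POLICIES = [
    Policy("Basic", premium=8_000.0, deductible=10_000.0, limit=200_000.0),
    Policy("Comprehensive", premium=15_000.0, deductible=25_000.0, limit=500_000.0),
]


def residual_prob(threat: Threat, controls: Sequence[Control]) -> float:
    """Incident probability left after the controls, assumed to act independently."""
    p = threat.annual_prob
    for c in controls:
        p *= 1.0 - c.reduction.get(threat.name, 0.0)
    return p


def retained_loss(loss: float, policy: Optional[Policy]) -> float:
    """Loss the company still bears: deductible first, then anything above the limit."""
    if policy is None:
        return loss
    payout = min(max(loss - policy.deductible, 0.0), policy.limit)
    return loss - payout


def expected_annual_cost(threats: Sequence[Threat], controls: Sequence[Control],
                         policy: Optional[Policy]) -> float:
    """Fixed spend (controls + premium) plus expected retained loss over all threats."""
    fixed = sum(c.annual_cost for c in controls) + (policy.premium if policy else 0.0)
    expected_loss = sum(residual_prob(t, controls) * retained_loss(t.loss, policy)
                        for t in threats)
    return fixed + expected_loss


def choose_portfolio(threats: Sequence[Threat], controls: Sequence[Control],
                     policies: Sequence[Policy]) -> Tuple[float, Tuple[Control, ...], Optional[Policy]]:
    """Enumerate every control subset x {no insurance, each policy}; return the cheapest."""
    best = None
    for k in range(len(controls) + 1):
        for subset in combinations(controls, k):
            for policy in [None, *policies]:
                cost = expected_annual_cost(threats, subset, policy)
                if best is None or cost < best[0]:
                    best = (cost, subset, policy)
    return best


if __name__ == "__main__":
    cost, chosen, policy = choose_portfolio(THREATS, CONTROLS, POLICIES)
    print(f"Baseline (no controls, no insurance): "
          f"{expected_annual_cost(THREATS, [], None):,.0f} per year")
    print(f"Cheapest option: controls={[c.name for c in chosen]}, "
          f"policy={policy.name if policy else 'none'}, expected cost={cost:,.0f}")
```

With these constructed numbers the cheapest option is MFA plus awareness training combined with the Basic policy, beating both the Comprehensive policy on its own and any control set without insurance; the premium and deductible structure is what makes the cheap controls pay for themselves, which is the incentive interplay between insurance and security investment the objective slide refers to. Replacing the fixed probabilities with an attacker model and the expected-cost criterion with a preference model is where the CYBECO framework departs from this toy.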

  30. The behavioural-experimental approach Devstat (José Vila) & Northumbria University (Pam Briggs)

  31. The role of psychological theory and behavioural economics in promoting cybersecurity
     ➢ Psychological theories can help explain behaviour and decision making around cybersecurity, and identify factors influencing insurance uptake
     ➢ Combined with behavioural economic experiments, this provides a strong scientific method to study how participants make security decisions
     (Figure labels: Cybersecurity; Technical Component; Human Behavioural Component)

  32. The human behavioural component …
     Traditional approach: assumes humans are always conscious, logical decision makers.
     BUT … human behaviour (including decision making) is not always logical!

  33. Protection-Motivation Theory
     • SEVERITY: If my online data/accounts were hacked, it would be severe
     • VULNERABILITY: My online data/accounts are at risk of being compromised
     • RESPONSE EFFICACY: Insurance is an effective method to protect against loss
     • SELF-EFFICACY: Taking the necessary security measures is entirely under my control
     • REWARDS OF NOT HAVING INSURANCE / COSTS OF INSURANCE: Insurance is financially costly for me; insurance is not worth it; setting up insurance would require too much from me

  34. The human behavioural component … CYBECO economic experiments address this in three ways:
     • Experiment 1: Testing the model
       ● Behavioral insights to support design of cyberinsurance products
       ● Information to produce a ‘behavioural version’ of the CYBECO model
     • Experiment 2: Testing the toolbox
       ● Usability of CYBECO toolbox
       ● Nudging SMEs towards optimal protection & cyberinsurance
     • Experiment 3: Belief formation
       ● Supporting belief formation in adversarial cyberinsurance models
