CYBER-INSURANCE REVISITED Cyber-Insurance Revisited Workshop on the Economics of Information Security Kennedy School of Government · Harvard University 03 June 2005 Rainer Böhme rainer.boehme@inf.tu-dresden.de Department of Computer Science Institute for System Architecture 01062 Dresden, Germany Participation in this workshop was kindly supported by a stipend 1 from the Institute for Information Infrastructure Protection.
Structure of the Talk CYBER-INSURANCE REVISITED 1 Literature review Why cyber-insurance is a good idea to tackle IT security risks Incentives · Market situation · Theories 2 Contribution of this paper Explaining immature supply of cyber-insurance with concentration in relevant equipment markets Model · Results · Interpretation 2
Welfare Effects of a Market for Cyber-Insurance CYBER-INSURANCE REVISITED Subjective Substantial rationality rationality Transfer of risk Incentives to innovate Exchange of uncertain More secure technologies future costs to fixed pay off in lower premiums expenses at present Buzzword: Total cost of ownership Incentives to implement Manageability effective security measures Constant liquidity prevents in reasonable scope undue shortages and crises Quantification Infosec R&D Premiums form a metric for the Evaluation and code reviews, value ( ≠ cost) of security strength information sharing Ref.: Anderson 1994, Varian 2000, 3 Kesan et al. 2004, Schneier 2004, a.o.
Immature Market for Cyber-Insurance CYBER-INSURANCE REVISITED Share Comparison Forecast billion USD premiums 2002 billion USD 30 8 AIG 70% 6 billion USD 24 6 optimistic about 2.500 forecast contracts 18 5 12 3 2 billion USD 6 2 prudent forecast 0 Others: Chubb, Lloyds, 0 St. Paul, Zurich, general 2002 2004 2006 2008 cyber- Hartford, Ace u.a. business insurance liability Revenue 2002: Worldwide losses 2003: 60–120 M USD · about 13 billion USD (worms & viruses) · about 226 billion USD (all attacks) 4 Sources: Cashell et al. (CRS) 2004, Panko 2003, Insurance Information Institute 2004, Conning & Co 2004
How to Explain the Immature Market CYBER-INSURANCE REVISITED Liability unsolved Thesis 1: �� Losses occur nevertheless: instead of the originator, the aggrieved party could demand coverage “New risks” lack actuarial data Thesis 2: �� Early satellite starts got coverage as well High probability of loss Thesis 3: �� You can even insure warships at wartime Difficulty to substantiate claims Thesis 4: �� Probably – can be interpreted as combination of residual juridical risk together with high transaction costs ... Cyber-risks are accumulation risks Thesis 5: �� Market concentration causes correlation of claims 5 Ref.: Schneier 2004, Borch 1995, Knowledge@Wharton 2001 (via news.com), CSO Magazine 2002
Recall: Economic Causes for Monoculture CYBER-INSURANCE REVISITED Network externalities Utility of a system increases with its market share, i.e., with the number of users of compatible devices (Metcalfe’s law) Negligible marginal costs Low costs for additional output (e.g., copy of a software CD) enables strategic pricing and fosters predatory competition Dependencies in complementary markets Third-party vendors of supplementary products first support the dominant platform and thus contribute to increase its attraction 6 Ref.: Shapiro & Varian 1999, Anderson 2001, a.o.
Liability, Risk Transfer, and Market Structure CYBER-INSURANCE REVISITED Links to relevant literature Varian 2000, Anderson 2001, and others product liability insurance market software quality + + Kim, Chen & Mukhopadhyay, 2004 (WISE) ⊗ product liablility software quality – market structure Our approach: market structure insurance market software quality – 7
Implications of Market Structure CYBER-INSURANCE REVISITED concentrated market structure strategic networking adversaries little diversity + identical concurrent of installed vulnerabilities losses systems Consequences for insurance companies? 8
CYBER-INSURANCE REVISITED 2 Explaining immature supply of cyber-insurance with concentration in equipment markets Model · Results · Interpretation 9
Structure of the Domain CYBER-INSURANCE REVISITED Economics of Insurance moral adverse calculation of premiums hazard selection life indemnity compound individual risk model risk model 10
Supply-Side Model of General Indemnity Insurance CYBER-INSURANCE REVISITED Portfolio of n independent Bernoulli-risks with probability of loss p . Expected total claim amount E( L) follows a Binomial distribution B ( n , p ). c P( L=x ) ε 0 E( L ) n Premium must comprise additional safety loading to finance safety capital c , so that the probability of ruin of the insurance company keeps below a defined upper bound ε . 11
Indemnity Insurance for Correlated Risks CYBER-INSURANCE REVISITED Single-Factor-Model ρ = .00 R 1 correlation ρ R 2 ρ = .15 individual risks R 3 R 0 (independent) . . . systemic risk ρ = .30 (e.g., virus attack) R n individual loss variables Formulation as composition of two Binomial distributions Total probability of loss p = const depending on p , n , and ρ . 12
Demand-Side Model for Cyber-Insurance CYBER-INSURANCE REVISITED Two-State Model of Income 1.4 I 1 N 1.2 U 2 ● • Γ E net premium Indifference curves max. safety loading according to CRRA U 1 1.0 • Γ max utility function Individuals prefer Income in good state 0.8 · lower expected income · under certainty 0.6 to · higher expected income · under uncertainty 0.4 line of certainty 0.2 σ = 2 p = 0.05 I 0 0.0 0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 Income in bad state 13
Results 1: Insurability of “Monocultures” CYBER-INSURANCE REVISITED Upper bounds for correlation of claims ρ Risk aversion of insurance holder moderate ( � =1) strong ( � =3) Risk p I 0 = 0.2 1.0 5.0 0.2 1.0 5.0 0.01 0.11 0.04 0.01 1.00 0.20 0.03 0.05 0.55 0.19 0.05 1.00 0.89 0.16 0.10 1.00 0.37 0.09 1.00 1.00 0.31 0.20 1.00 0.73 0.18 1.00 1.00 0.60 No problem · Coverage for perils with high probability of loss · High risk averse individuals Problem Explanation: The willingness to pay for these policies is · “Small policies” against unlikely losses generally high so that additional loading to compensate for the correlation remains relatively unimportant. These are the mass market products that could deliver liquidity and volume to form a mature market for cyber-insurance 14
Results 2: Advantage of Diversification CYBER-INSURANCE REVISITED Comparison of two example platforms ... Dominant platform D · Total probability of loss p · Large portfolio size ( n →∞ ) · Correlation of losses ρ > 0 Alternative platform A · Total probability of loss p · Finite portfolio size n · No correlation of losses (plausible for virus contagion) 15
Premiums for Dominant and Alternative Platform CYBER-INSURANCE REVISITED Conditional Advantage of Diversification π ρ = 0 A alternative 0.13 D dominant π ρ = 0.2 0.12 n min = 22 + Premium π π ρ = 0.1 n min = 80 0.11 + π ρ = 0.05 n min = 200 + π ρ = 0.01 n min = 5000 + p = 0.1 0.10 10 100 1000 10000 100000 Portfolio size of alternative platform n 16
Results 2: Advantage of Diversification CYBER-INSURANCE REVISITED Comparison of two example platforms ... Dominant platform D · Total probability of loss p · Large portfolio size ( n →∞ ) · Correlation of losses ρ > 0 Alternative platform A · Total probability of loss p · Finite portfolio size n · No correlation of losses (plausible for virus contagion) A minimum portfolio size of A is required before insurance Result: premiums fall below the level of D. � Market entry barrier 17
Implications CYBER-INSURANCE REVISITED Favorable economic effects Frame: Cyber-insurance moderates IT security investment, reduces residual risk, and creates incentives for R&D. Shortage of supply due to market structure Thesis 1: Though demand for cyber-insurance exists, a monoculture of installed systems may thwart a market equilibrium. Reciprocity of interventions Thesis 2: Since market structure in the equipment market and conditions for cyber-insurance are linked, regulatory policies supporting cyber-insurance might cause a shift in market shares. 18
Can Premiums Steal the Thunder of Market Power? CYBER-INSURANCE REVISITED y r a t n l a e n m s k i s s g e e r t t r o i l e s t p a w k o i M l m a r c t a e n o m N r C m e t u x t i e fi m e e n r e P b Does cyber-insurance, as pricing mechanism for security properties, outweigh the strong drivers to market concentration? 19
Limitations CYBER-INSURANCE REVISITED Supply-side model · Naive selection of Bernoulli risks · Measure of dependence (correlation) unrealistic · Individual risk approach hinders empirical substantiation Demand-side model · Partial coverage not regarded · Restricted to one class of utility functions (CRRA) · Difficulty to quantify losses left out Comparison of platforms · Market position is likely to influence total probability of loss · Inclusion of transaction and monitoring costs might reveal advantages for the market leader (Metcalfe ... again!) � �� Further interdisciplinary research needed 20
Recommend
More recommend
