Insurance, in general, is a financial contract between the one buying the insurance (also known as the policyholder or insured) and the one providing insurance (known as insurance carrier or insurer). The contract, known as the insurance policy, …
SecurityBudget will be a cyber security dashboard to support SMEs on how to protect their systems subject to a limited available budget.
Budget: £12.5k.
Principal Investigator: Manos Panaousis, co-Investigator: George Loukas.
This paper represents the SECONDO framework to assist organizations with decisions related to cybersecurity investments and cyber-insurance. The platform supports cybersecurity and cyber-insurance decisions by implementing and integrating a number of …
The MERIT addresses the challenge of how to take better cyber security investment decisions. It aims at minimising cyber security risks by optimally investing its budget for cyber controls. In a multi-disciplinary approach, it utilises both economics and cybersecurity engineering insights to significantly extend the state-of-the-art in decision support for cybersecurity spending.
We introduce a game-theoretic model to investigate the strategic interaction between a cyber insurance policyholder whose premium depends on her self-reported security level and an insurer with the power to audit the security level upon receiving an …
SECONDO addresses the question “How can decisions about cyber security investments and cyber insurance pricing be optimised?” SECONDO will support professionals who seek cyber security investments, developed to support human decision making, and a complete well-founded security strategy.
An insurer has to know the risks faced by a potential client to accurately determine an insurance premium offer. However, while the potential client might have a good understanding of its own security practices, it may also have an incentive not to …
In this paper we investigate how to optimally invest in cybersecurity controls. We are particularly interested in examining cases where the organization suffers from an underinvestment problem or inefficient spending on cybersecurity. To this end, we …
This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game …