Risk Management Using Cyber-Threat Information Sharing and Cyber-Insurance

被引:13
|
作者
Tosh, Deepak K. [1 ]
Shetty, Sachin [2 ]
Sengupta, Shamik [3 ]
Kesan, Jay P. [4 ]
Kamhoua, Charles A. [5 ]
机构
[1] Norfolk State Univ, Dept Comp Sci, Norfolk, VA 23504 USA
[2] Old Dominion Univ, Virginia Modeling Anal & Simulat Ctr, Norfolk, VA 23529 USA
[3] Univ Nevada, Dept Comp Sci & Engn, Reno, NV 89557 USA
[4] Univ Illinois, Coll Law, Urbana, IL USA
[5] Air Force Res Lab, Cyber Assurance Branch, Rome, NY USA
来源
GAME THEORY FOR NETWORKS (GAMENETS 2017) | 2017年 / 212卷
基金
美国国家科学基金会;
关键词
Cybersecurity information sharing; Cyber-insurance; Cyber-threat intelligence; Cyber Security Information Sharing Act (CISA);
D O I
10.1007/978-3-319-67540-4_14
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Critical infrastructure systems spanning from transportation to nuclear operations are vulnerable to cyber attacks. Cyber-insurance and cyber-threat information sharing are two prominent mechanisms to defend cybersecurity issues proactively. However, standardization and realization of these choices have many bottlenecks. In this paper, we discuss the benefits and importance of cybersecurity information sharing and cyber-insurance in the current cyber-warfare situation. We model a standard game theoretic participation model for cybersecurity information exchange (CYBEX) and discuss the applicability of economic tools in addressing important issues related to CYBEX and cyber-insurance. We also pose several open research challenges, which need to be addressed for developing a robust cyber-risk management capability.
引用
收藏
页码:154 / 164
页数:11
相关论文
共 50 条
  • [21] Optimal model design for the cyber-insurance contract with asymmetric information
    Yang, Yunxue
    Yang, Qin
    Yang, Zhenqi
    Xue, Shengjun
    2019 INTERNATIONAL CONFERENCE ON INTERNET OF THINGS (ITHINGS) AND IEEE GREEN COMPUTING AND COMMUNICATIONS (GREENCOM) AND IEEE CYBER, PHYSICAL AND SOCIAL COMPUTING (CPSCOM) AND IEEE SMART DATA (SMARTDATA), 2019, : 513 - 518
  • [22] Cyber-threat evolution: The year ahead
    Gostev, A., 1600, Elsevier Ltd (2012):
  • [23] Aegis A Novel Cyber-Insurance Model
    Pal, Ranjan
    Golubchik, Leana
    Psounis, Konstantinos
    DECISION AND GAME THEORY FOR SECURITY: GAMESEC 2011, 2011, 7037 : 131 - 150
  • [24] Competitive Cyber-Insurance and Internet Security
    Shetty, Nikhil
    Schwartz, Galina
    Felegyhazi, Mark
    Walrand, Jean
    ECONOMICS OF INFORMATION SECURITY AND PRIVACY, 2010, : 229 - +
  • [25] Maritime cyber-insurance: the Norwegian case
    Franke, Ulrik
    Friberg, Even Langfeldt
    Bahsi, Hayretdin
    INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURES, 2022, 18 (03) : 267 - 286
  • [26] Privacy Preserving Cyber Threat Information Sharing and Learning for Cyber Defense
    Badsha, Shahriar
    Vakilinia, Iman
    Sengupta, Shamik
    2019 IEEE 9TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC), 2019, : 708 - 714
  • [27] Embracing and controlling risk dependency in cyber-insurance policy underwriting
    Khalili, Mohammad Mahdi
    Liu, Mingyan
    Romanosky, Sasha
    JOURNAL OF CYBERSECURITY, 2019, 5 (01):
  • [28] Why Cyber-Insurance Contracts Fail to Reflect Cyber-Risks
    Schwartz, Galina
    Shetty, Nikhil
    Walrand, Jean
    2013 51ST ANNUAL ALLERTON CONFERENCE ON COMMUNICATION, CONTROL, AND COMPUTING (ALLERTON), 2013, : 781 - 787
  • [29] Mitigation of Cyber-Threat on Dynamic State Estimation
    Almasabi, Saleh
    2023 4TH INTERNATIONAL CONFERENCE ON CLEAN AND GREEN ENERGY ENGINEERING, CGEE, 2023, : 1 - 5
  • [30] Cyber-insurance for cybersecurity a topological take on modulating insurance premiums
    Pal, Ranjan
    Hui, Pan
    Performance Evaluation Review, 2012, 40 (03): : 86 - 88
12345