Top

Published in:

2015 | OriginalPaper | Chapter

Design, Demonstration, and Evaluation of an Information Security Contract and Trading Mechanism to Hedge Information Security Risks

Authors : Pankaj Pandey, Steven De Haes

Published in: Security and Trust Management

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Cyber-insurance products are the only financial instrument available as a risk-transfer mechanism in the information security domain. Furthermore, cyber-insurance markets are unable or unwilling to facilitate the transfer of risks, particularly those with a high probability and high intensity of loss. Thus, there is a need for a new mechanism to address the variety of information security risks. This article addresses the shortcomings in the existing information security risk hedging market. The article presents a financial instrument and a corresponding trading mechanism to be used for risk hedging in an information security prediction market. Also, the article uses an imaginary case to demonstrate the application of the contract. Furthermore, an evaluation of the contract and trading mechanism in its usefulness in hedging the underlying risks is presented. In our analysis, we found that information security contracts can be a solution (at least to some extent) to the problems in the existing risk hedging mechanisms in the information security domain.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Game Theoretic Framework for Modeling Adversarial Cyber Security Game Among Attackers, Defenders, and Users

Managing cyber security as a business risk: Cyber insurance in the digital age. Technical Report, Ponemon Institute, LLC, August 2013

Dimitrov, S., Sami, R.: Composition of markets with conflicting incentives. In: Proceedings of the 11th ACM Conference on Electronic Commerce, pp. 53–62. EC 2010, ACM, New York, NY, USA (2010)

Fabozzi, F.J.: The Handbook of Financial Instruments. Wiley, Hoboken (2002)

Fidler, M.: Anarchy of Regulation: Controlling the Global Trade in Zero-Day Vulnerabilities. Ph.D. thesis, Stanford University, May 2014

Forsythe, R., Rietz, T.A., Ross, T.W.: Wishes, expectations and actions: a survey on price formation in election stock markets. J. Econ. Behav. Organ. 39(1), 83–110 (1999)CrossRef

Gray, A.: Government resists calls to fund backstop for cyber disaster losses, April 2015. http://www.ft.com/cms/s/0/7f9d8326-d096-11e4-a840-00144feab7de.html. Accessed 19 June 2015

Hanson, R.: Designing real terrorism futures. Public Choice 128(1–2), 257–274 (2006)CrossRef

Hanson, R., Oprea, R.: A manipulator can aid prediction market accuracy. Economica 76(302), 304–314 (2009)CrossRef

King, R.: Cyber insurance capacity is very small: Aig ceo. CIO Journal, Apr 2015. http://blogs.wsj.com/cio/2015/04/02/cyber-insurance-capacity-is-very-small-aig-ceo/. Accessed 19 June 2015

10.

Luckner, S.: Prediction markets: Fundamentals, key design elements, and applications. The 21st Bled eConference, eCollaboration: Overcoming Boundaries Through Multi-Channel Interaction, June 2008

11.

NewYork Supreme Court: Zurich American Insurance Company vs Sony Corporation of America, no. No. 651982/2011, July 2011

12.

Ozment, A.: The likelihood of vulnerability rediscovery and the social utility of vulnerability hunting. In: Workshop on Economics and Information Security (2005)

13.

Pandey, P., Snekkenes, E.A.: An assessment of market methods for information security risk management. In: 16th IEEE International Conference on High Performance and Communications, WiP track (2014)

14.

Pennock, D.M.: A dynamic pari-mutuel market for hedging, wagering, and information aggregation. In: Proceedings of the 5th ACM Conf. on Electronic Commerce, pp. 170–179 (2004)

15.

Plott, C.R., Chen, K.Y.: Information aggregation mechanisms: Concept, design and implementation for a sales forecasting problem. W.P. 1131, California Institute of Technology (2002)

16.

Spann, M.: Virtuelle Börsen Als Instrument Zur Marktforschung. Deutscher Universitäts-Verlag (2002)

17.

Sripawatakul, P., Sutivong, D.: Decision framework for constructing prediction markets. In: The 2nd IEEE International Conference on Information Management and Engineering, April 2010

18.

WEF, Partner: Risk and responsibility in a hyperconnected world. Technical Report, World Economic Forum in collaboration with McKinsey and Company, January 2014

19.

Weinhardt, C., Gimpel, H.: Market engineering: An interdisciplinary research challenge. In: Jennings, N., Kersten, G., Ockenfels, A., Weinhardt, C. (eds.) Negotiation and Market Engineering. No. 06461, IBFI, Germany (2007)

Title: Design, Demonstration, and Evaluation of an Information Security Contract and Trading Mechanism to Hedge Information Security Risks
Authors: Pankaj Pandey
Steven De Haes
Publisher: Springer International Publishing
Book: Security and Trust Management
Print ISBN: 978-3-319-24857-8

Electronic ISBN: 978-3-319-24858-5

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-24858-5_19

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner