Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.11851/6470
Full metadata record
DC FieldValueLanguage
dc.contributor.authorÖgüt, Hulisi-
dc.contributor.authorRaghunathan, Şrinivaşan-
dc.contributor.authorMenon, Nirup-
dc.date.accessioned2021-09-11T15:36:44Z-
dc.date.available2021-09-11T15:36:44Z-
dc.date.issued2011en_US
dc.identifier.issn0272-4332-
dc.identifier.issn1539-6924-
dc.identifier.urihttps://doi.org/10.1111/j.1539-6924.2010.01478.x-
dc.identifier.urihttps://hdl.handle.net/20.500.11851/6470-
dc.description.abstractThe correlated nature of security breach risks, the imperfect ability to prove loss from a breach to an insurer, and the inability of insurers and external agents to observe firms' self-protection efforts have posed significant challenges to cyber security risk management. Our analysis finds that a firm invests less than the social optimal levels in self-protection and in insurance when risks are correlated and the ability to prove loss is imperfect. We find that the appropriate social intervention policy to induce a firm to invest at socially optimal levels depends on whether insurers can verify a firm's self-protection levels. If self-protection of a firm is observable to an insurer so that it can design a contract that is contingent on the self-protection level, then self-protection and insurance behave as complements. In this case, a social planner can induce a firm to choose the socially optimal self-protection and insurance levels by offering a subsidy on self-protection. We also find that providing a subsidy on insurance does not provide a similar inducement to a firm. If self-protection of a firm is not observable to an insurer, then self-protection and insurance behave as substitutes. In this case, a social planner should tax the insurance premium to achieve socially optimal results. The results of our analysis hold regardless of whether the insurance market is perfectly competitive or not, implying that solely reforming the currently imperfect insurance market is insufficient to achieve the efficient outcome in cyber security risk management.en_US
dc.language.isoenen_US
dc.publisherWileyen_US
dc.relation.ispartofRisk Analysisen_US
dc.rightsinfo:eu-repo/semantics/closedAccessen_US
dc.subjectCyber securityen_US
dc.subjectinsuranceen_US
dc.subjectrisk managementen_US
dc.titleCyber Security Risk Management: Public Policy Implications of Correlated Risk, Imperfect Ability To Prove Loss, and Observability of Self-Protectionen_US
dc.typeArticleen_US
dc.departmentFaculties, Faculty of Economics and Administrative Sciences, Department of Managementen_US
dc.departmentFakülteler, İktisadi ve İdari Bilimler Fakültesi, İşletme Bölümütr_TR
dc.identifier.volume31en_US
dc.identifier.issue3en_US
dc.identifier.startpage497en_US
dc.identifier.endpage512en_US
dc.identifier.wosWOS:000288125300014en_US
dc.identifier.scopus2-s2.0-79952411353en_US
dc.institutionauthorÖğüt, Hulusi-
dc.identifier.pmid20807381en_US
dc.identifier.doi10.1111/j.1539-6924.2010.01478.x-
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.identifier.scopusqualityQ1-
item.openairetypeArticle-
item.languageiso639-1en-
item.grantfulltextnone-
item.fulltextNo Fulltext-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.cerifentitytypePublications-
Appears in Collections:İşletme Bölümü / Department of Management
PubMed İndeksli Yayınlar Koleksiyonu / PubMed Indexed Publications Collection
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection
Show simple item record



CORE Recommender

SCOPUSTM   
Citations

41
checked on Dec 21, 2024

WEB OF SCIENCETM
Citations

45
checked on Aug 31, 2024

Page view(s)

92
checked on Dec 23, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.