1 Cyber Insurance and IT Security Investment: Impact of Interdependent Risk Hulisi Ogut, UT-Dallas Srinivasan Raghunathan, UT-Dallas Nirup Menon, UT-Dallas.

Slides:



Advertisements
Similar presentations
TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Advertisements

Enterprise Risk Management & Capital Budgeting under Dependent Risks: An Integrated Framework Tianyang Wang, Colorado State University (with Jing Ai, The.
Copyright © 2008 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Managerial Economics, 9e Managerial Economics Thomas Maurice.
MANAGERIAL ECONOMICS An Analysis of Business Issues
Choices Involving Risk
Introduction to Management Science, Modeling, and Excel Spreadsheets
INTRA-INDUSTRY TRADE AND THE SCALE EFFECTS OF ECONOMIC INTEGRATION Elisa Riihimäki Statistics Finland, Business Structures September
For APNOMS Managing Pervasive Computing and Ubiquitous Communications Challenges Ahead Graham Chen.
0 - 0.
ALGEBRAIC EXPRESSIONS
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
MULTIPLICATION EQUATIONS 1. SOLVE FOR X 3. WHAT EVER YOU DO TO ONE SIDE YOU HAVE TO DO TO THE OTHER 2. DIVIDE BY THE NUMBER IN FRONT OF THE VARIABLE.
SUBTRACTING INTEGERS 1. CHANGE THE SUBTRACTION SIGN TO ADDITION
MULT. INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
Addition Facts
1 Effect of Managerial overconfidence, asymmetric Info, and moral hazard on Capital Structure Decisions. Rational Corporate Finance. -Capital Structure:
5/31/20141 HFT 4464 Chapter 9 Introduction to Capital Budgeting.
Chapter Outline 7.1 Risk Aversion and Demand for Insurance by Individuals The Effects of Insurance on Wealth Risk Aversion Other Factors Affecting an Individual’s.
University of the Aegean, Greece Modelling and Economics of IT Risk Management and Insurance Stefanos Gritzalis Costas Lambrinoudakis Dept. of Information.
Effective Rate of Protection
Chapter 12 Capturing Surplus.
© 2002 South-Western Publishing 1 Chapter 6 The Black-Scholes Option Pricing Model.
Review of Exam 1.
1 Money Utility and wealth. 2 Example Consider a stock investment for 5000 which could increase or decrease by +/ Let current wealth be C An investor.
Chapter 10 Money, Interest, and Income
Chapter 4 Introduction to Risk Management 4-1. Copyright © 2009 Pearson Prentice Hall. All rights reserved. 4-2 Basic Risk Management Firms convert inputs.
Chapter 11 Monetary and Fiscal Policy
1 Economic Growth Professor Chris Adam Australian Graduate School of Management University of Sydney and University of New South Wales.
Cours GOL 460 Chaînes logistiques et d´approvisionnement
Past Tense Probe. Past Tense Probe Past Tense Probe – Practice 1.
Chapter 6 Labor Mobility Copyright © 2010 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.
1 On Optimal Reinsurance Arrangement Yisheng Bu Liberty Mutual Group.
Addition 1’s to 20.
25 seconds left…...
Test B, 100 Subtraction Facts
FI Corporate Finance Leng Ling
Pricing: Understanding and Capturing Customer Value
Week 1.
The Cost of Capital Chapter 10  Sources of Capital  Component Costs  WACC  Adjusting for Flotation Costs  Adjusting for Risk 10-1.
CHAPTER 10 The Cost of Capital
Stock Valuation and Risk
1 PART 1 ILLUSTRATION OF DOCUMENTS  Brief introduction to the documents contained in the envelope  Detailed clarification of the documents content.
Cost Allocation: Joint Products and Byproducts
Capital Structure Decisions Chapter 15 and 16
Auction Theory Class 5 – single-parameter implementation and risk aversion 1.
L5: Dynamic Portfolio Management1 Lecture 5: Dynamic Portfolio Management The following topics will be covered: Will risks be washed out over time? Solve.
Dividend Policy and Retained Earnings (Chapter 18) Optimal Dividend Policy Conflicting Theories Other Dividend Policy Issues Residual Dividend Theory Stable.
Valuation and Rates of Return
317_L13, Feb 5, 2008, J. Schaafsma 1 Review of the Last Lecture finished our discussion of the demand for healthcare today begin our discussion of market.
Lecture Presentation Software to accompany Investment Analysis and Portfolio Management Seventh Edition by Frank K. Reilly & Keith C. Brown Chapter.
Investment. An Investor’s Perspective An investor has two choices in investment. Risk free asset and risky asset For simplicity, the return on risk free.
Uncertainty and Consumer Behavior
AN INTRODUCTION TO PORTFOLIO MANAGEMENT
Chapter 13.
Chapter 6 An Introduction to Portfolio Management.
317_L14, Feb 6, 2008, J. Schaafsma 1 Review of the Last Lecture began our discussion of market failures looked at what a market failure is listed four.
Lecture 3: Arrow-Debreu Economy
AN INTRODUCTION TO PORTFOLIO MANAGEMENT
The Weighted Cost of Capital. Objectives n Define the concept of cost of capital. n Use the concept of cost of capital to link the investment decisions.
© 2012 Cengage Learning. All Rights Reserved. May not scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. Chapter.
Lecture Presentation Software to accompany Investment Analysis and Portfolio Management Seventh Edition by Frank K. Reilly & Keith C. Brown Chapter 7.
Some Background Assumptions Markowitz Portfolio Theory
Investment Analysis and Portfolio Management Chapter 7.
Chapter 3 Arbitrage and Financial Decision Making
The McGraw-Hill Companies, Inc. 2006McGraw-Hill/Irwin 12 Financial and Cost- Volume-Profit Models.
Investment Analysis and Portfolio Management First Canadian Edition By Reilly, Brown, Hedges, Chang 6.
McGraw-Hill © 2004 The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Leverage and Capital Structure Chapter 13.
McGraw-Hill/Irwin Copyright © 2004 by the McGraw-Hill Companies, Inc. All rights reserved. Chapter 2 Objective and Risk Management.
Trust: short-term low default paper proceeds interest remaining funds
Choices Involving Risk
Presentation transcript:

1 Cyber Insurance and IT Security Investment: Impact of Interdependent Risk Hulisi Ogut, UT-Dallas Srinivasan Raghunathan, UT-Dallas Nirup Menon, UT-Dallas

2 Introduction The scale and scope of hacker and virus attacks on computer systems is increasing Two ways to minimize losses from security breaches Make security investment Buy cyber insurance

3 Introduction IT Security decision of firms are interdependent because of networks if a hacker penetrate one company, she has easy access to shared trust partners IT assets through connection Cyber insurance market is immature because lack of actuarial data few insurance firms provide cyber insurance product

4 Research Question How the interdependence impacts decision of the firms to invest in IT security ? to buy cyber insurance coverage?

5 Assumptions & Firms Decision Key Assumptions Firms are risk averse and CARA is assumed. The firms investments in IT security affect the probability of breach of any firm in network Investments exhibit declining returns The Firms Decision Firm decides simultaneously on the level of insurance taken and IT security investment

6 Notation Decision Variable z 1 : IT security investment level for firm 1 I 1 :Insurance coverage taken by the firm 1 Model parameters U: utility function of firm p(z 1 ): Probability of breach from firm 1s own resources B 1 (z 1,z 2 ): total probability of breach for firm 1

7 Notation (Contd) π 1 : Premium paid for each dollar of coverage for firm 1 L 1 : Loss amount firm 1 incurs if breach occurs. W 1 : Initial wealth of firm 1

8 Breach Probability First consider two firms A firm can suffer two source of attack Direct attack occurs with probability p(z 1 ) when the source of breach is the firms itself Indirect attack occurs with probability qp(z 2 ) when a hacker gain access to firms IT asset after breaching other firm q indicates degree of interdependence Total breach probability of firm 1 is B 1 (z 1,z 2 )=1-[1-p(z 1 )][1-qp(z 2 )]

9 Illustration of Total Risk to Firm 1 B 1 (z 1,z 2 )=p(z 1 )+qp(z 2 )-qp(z 1 )p(z 2 ) p(z 1 ) q.p(z 2 )

10 Model Breach occurs with probability B 1 (z 1,z 2 ) Firm 1 incurs loss of L It will be paid by coverage amount I 1 if firm 1 paid premium amount π 1 I 1 if firm 1 invest z 1 amount to IT security, in this case, the utility of firm 1 will be U(W- L+(1-π 1 )I 1 -z 1 ) Breach does not occur with probability 1-B(z 1,z 2 ) The utility of firm 1 in this case will be U(W-π 1 I 1 -z 1 )

11 Solution to z and I The price of insurance is given by Firm 1 maximizes its expected utility A firms IT security spending is solution to The amount of insurance coverage taken by is

12 Solution Procedure Equation A can be solved to obtain the optimum investment level first Optimum insurance coverage can be obtained by plugging optimum investment level to the Equation B Firm can manage IT security risk through by first reducing the risk through investments. Manage the residual risk through insurance

13 Proposition 1 All else kept constant, the level of IT security investment and the amount of insurance coverage are lower as interdependency (q) increases

14 Joint Solution for Two Firms Assume that firms are identical with equal pareto weights across the two firms The solution to the IT security investment

15 Proposition All else kept constant, the joint choice of IT security investment is higher than the firms individual choice of IT security investment and joint choice of insurance coverage taken is higher than the firms individual choice of insurance coverage taken

16 Information Sharing as a Mechanism to Increase Investment and Insurance Information sharing reduces direct attack probability but not interdependency IT security investment increase because marginal benefit from IT security investment increases under information sharing. Information sharing reduces interdependency but not direct probability As interdependency (q) decreases, IT security investment and insurance increases.

17 Generalization to Several Interdependent firms The probability of breach for firm 1 in the n firm case is For identical firm case, the level of IT security investment is The amount of insurance is then given by the

18 Proposition 5 For identical firms, as the number of firms (n) increases, IT security investment level for individual firm will decline probability of breach will decreases cyber insurance level taken will decreases.

19 Conclusion As interdependency increases, IT security investment decreases Cyber insurance coverage taken decreases The increase in the number of firms has the same affect with interdependency. Joint solution implies higher IT security investment compared to individual solution

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.