Bridging the cyber protection gap: An investigation into the efficacy of the German cyber insurance market

Cybersecurity requires an effective risk transfer regime and a well‐functioning insurance market to improve stakeholder resilience. However, rapid cyber threat adaptation, limited data availability, and inadequate risk understanding pose significant challenges for the insurance industry and its cust...

Full description

Saved in:
Bibliographic Details
Published in:Risk management and insurance review 2024-04, Vol.27 (1), p.57-87
Main Authors: Cremer, Frank, Sheehan, Barry, Fortmann, Michael, Mullins, Martin, Murphy, Finbarr, Materne, Stefan
Format: Article
Language:English
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cybersecurity requires an effective risk transfer regime and a well‐functioning insurance market to improve stakeholder resilience. However, rapid cyber threat adaptation, limited data availability, and inadequate risk understanding pose significant challenges for the insurance industry and its customers. This research uses a mixed methods approach to analyze the inclusions, exclusions, and suitability of current cyber policies in the German cyber insurance market. The study analyzes 41 cyber insurance policies, representing about 80% of the German cyber insurance market. This examination is supported by semistructured interviews with 23 cyber insurance experts. The authors find that there are no standardized cyber policy wordings, and insurers use different terms and definitions in their insurance policies. Specifically, the results show a significant lack of clarity around coverages and exclusions. This research contributes to the cybersecurity risk management community and will enable businesses, insurance companies, and policymakers to better understand, measure, and manage cyber risk.
ISSN:1098-1616
1540-6296
DOI:10.1111/rmir.12261