IDEAS home Printed from https://ideas.repec.org/a/inm/orserv/v16y2024i2p124-141.html
   My bibliography  Save this article

Cyber Insurance and Post-Breach Services: A Normative Analysis

Author

Listed:
  • Wendy Hui

    (Singapore Institute of Technology, Singapore 138683)

  • Kai-Lung Hui

    (Department of Information Systems, Business Statistics, and Operations Management, School of Business and Management, Hong Kong University of Science and Technology, Clear Water Bay, Hong Kong)

  • Wei T. Yue

    (Department of Information Systems, College of Business, City University of Hong Kong, Kowloon Tong, Hong Kong)

Abstract

Cyber insurance is becoming an essential tool for managing cybersecurity risks. In this study, we analyze how having the option to subscribe to cyber insurance services affects firms’ risk prevention and mitigation decisions. We model the scenario where the firm purchases cyber insurance in a competitive insurance market and compare it against the case when it does not purchase cyber insurance. When there is a breach, cyber insurance can help cover mitigation expenses and breach losses. Consistent with the prior literature, we find that in most cases cyber insurance exacerbates ex ante moral hazard by decreasing expected risk prevention. However, it enhances ex post efforts by increasing expected risk mitigation, which can lead to more positive outcomes for the insured firm. The mechanism involves designing the contract with a delicate calibration of the coverage of breach losses and the coinsurance rate. Moreover, the findings highlight the importance of a healthy risk mitigation service market in managing cybersecurity risks.

Suggested Citation

  • Wendy Hui & Kai-Lung Hui & Wei T. Yue, 2024. "Cyber Insurance and Post-Breach Services: A Normative Analysis," Service Science, INFORMS, vol. 16(2), pages 124-141, June.
    • Handle: RePEc:inm:orserv:v:16:y:2024:i:2:p:124-141
    DOI: 10.1287/serv.2021.0120
    as

    Download full text from publisher

    File URL: http://dx.doi.org/10.1287/serv.2021.0120
    Download Restriction: no
    File URL: https://libkey.io/10.1287/serv.2021.0120?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:inm:orserv:v:16:y:2024:i:2:p:124-141. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Asher (email available below). General contact details of provider: https://edirc.repec.org/data/inforea.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.