Earticle

초록

영어

This study expands the current body of research by exploring multiple scenarios of insufficient and excessive IT security investments caused by interdependent risks and the interplay between IT security investments and cyber insurance. A key finding is that organizations experiencing interdependent risks with different types of cyber attacks (i.e., targeted and untargeted attacks) use different strategies in making IT security investment decisions and in purchasing cyber insurance policies for their information security risk management than firms that are facing independent risks. The study further provides an economic rationale for employing insurance mechanisms as a risk management solution for information security.

목차

Abstract
 Ⅰ. Introduction
 Ⅱ. IT Security Risks and its Management Strategies
  2.1 Targeted vs. Untargeted Attacks
  2.2 Self-Protection, Self-Insurance,and Cyber Insuranc2.2 Self-Protection, Self-Insurance, and Cyber Insurancee
 Ⅲ. Theoretical Analysis
  3.1 Investment in Self-Protection with-outa Cyber Insurance Market
  3.2 Interplay between Self-Protection and Cyber Insurance
  3.3 Synthesis of the Theoretical Models : Impact of Externalities on Self-Protection and Cyber Insurance
 Ⅳ. Discussion and Implications
 References
 
 About the Authors

키워드

저자

• Woohyun Shim [ Research Fellow, Department of Information Engineering and Computer Science, University of Trento, Italy. ]

참고문헌

발행기관

간행물

표지보기 관심저널 등록

• 간행물명

  Asia Pacific Journal of Information Systems

• 간기

  계간

• pISSN

  2288-5404

• eISSN

  2288-6818

• 수록기간

  1990~2026

• 등재여부

  KCI 등재,SCOPUS

• 십진분류

  KDC 325 DDC 658