Building resilience in cybersecurity: An artificial lab approach

Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

Autoren

  • Kerstin Awiszus
  • Yannick Bell
  • Jan Lüttringhaus
  • Gregor Svindland
  • Alexander Voß
  • Stefan Weber

Externe Organisationen

  • Hochschule Hannover (HsH)
Forschungs-netzwerk anzeigen

Details

OriginalspracheEnglisch
Seiten (von - bis)753-800
Seitenumfang48
FachzeitschriftJournal of Risk and Insurance
Jahrgang91
Ausgabenummer3
PublikationsstatusVeröffentlicht - 20 Aug. 2024

Abstract

Based on classical contagion models we introduce an artificial cyber lab: the digital twin of a complex cyber system in which possible cyber resilience measures may be implemented and tested. Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators. Moreover, from an insurance point of view, we provide first attempts to design systemic cyber risk obligations and to measure the systemic risk contribution of individual policyholders.

ASJC Scopus Sachgebiete

Zitieren

Building resilience in cybersecurity: An artificial lab approach. / Awiszus, Kerstin; Bell, Yannick; Lüttringhaus, Jan et al.
in: Journal of Risk and Insurance, Jahrgang 91, Nr. 3, 20.08.2024, S. 753-800.

Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

Awiszus K, Bell Y, Lüttringhaus J, Svindland G, Voß A, Weber S. Building resilience in cybersecurity: An artificial lab approach. Journal of Risk and Insurance. 2024 Aug 20;91(3):753-800. doi: 10.48550/arXiv.2211.04762, 10.1111/jori.12450, 10.15488/16144
Awiszus, Kerstin ; Bell, Yannick ; Lüttringhaus, Jan et al. / Building resilience in cybersecurity : An artificial lab approach. in: Journal of Risk and Insurance. 2024 ; Jahrgang 91, Nr. 3. S. 753-800.
Download
@article{45d8fe39bf1c4537b8df9e10f34c9b56,
title = "Building resilience in cybersecurity: An artificial lab approach",
abstract = "Based on classical contagion models we introduce an artificial cyber lab: the digital twin of a complex cyber system in which possible cyber resilience measures may be implemented and tested. Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators. Moreover, from an insurance point of view, we provide first attempts to design systemic cyber risk obligations and to measure the systemic risk contribution of individual policyholders.",
keywords = "complex systems, complexity economics, cyber insurance, cyber resilience, cybersecurity, economics of networks, systemic cyber risks",
author = "Kerstin Awiszus and Yannick Bell and Jan L{\"u}ttringhaus and Gregor Svindland and Alexander Vo{\ss} and Stefan Weber",
note = "Publisher Copyright: {\textcopyright} 2023 The Authors. Journal of Risk and Insurance published by Wiley Periodicals LLC on behalf of American Risk and Insurance Association.",
year = "2024",
month = aug,
day = "20",
doi = "10.48550/arXiv.2211.04762",
language = "English",
volume = "91",
pages = "753--800",
journal = "Journal of Risk and Insurance",
issn = "0022-4367",
publisher = "Wiley-Blackwell Publishing Ltd",
number = "3",

}

Download

TY - JOUR

T1 - Building resilience in cybersecurity

T2 - An artificial lab approach

AU - Awiszus, Kerstin

AU - Bell, Yannick

AU - Lüttringhaus, Jan

AU - Svindland, Gregor

AU - Voß, Alexander

AU - Weber, Stefan

N1 - Publisher Copyright: © 2023 The Authors. Journal of Risk and Insurance published by Wiley Periodicals LLC on behalf of American Risk and Insurance Association.

PY - 2024/8/20

Y1 - 2024/8/20

N2 - Based on classical contagion models we introduce an artificial cyber lab: the digital twin of a complex cyber system in which possible cyber resilience measures may be implemented and tested. Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators. Moreover, from an insurance point of view, we provide first attempts to design systemic cyber risk obligations and to measure the systemic risk contribution of individual policyholders.

AB - Based on classical contagion models we introduce an artificial cyber lab: the digital twin of a complex cyber system in which possible cyber resilience measures may be implemented and tested. Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators. Moreover, from an insurance point of view, we provide first attempts to design systemic cyber risk obligations and to measure the systemic risk contribution of individual policyholders.

KW - complex systems

KW - complexity economics

KW - cyber insurance

KW - cyber resilience

KW - cybersecurity

KW - economics of networks

KW - systemic cyber risks

UR - http://www.scopus.com/inward/record.url?scp=85174275049&partnerID=8YFLogxK

U2 - 10.48550/arXiv.2211.04762

DO - 10.48550/arXiv.2211.04762

M3 - Article

AN - SCOPUS:85174275049

VL - 91

SP - 753

EP - 800

JO - Journal of Risk and Insurance

JF - Journal of Risk and Insurance

SN - 0022-4367

IS - 3

ER -