Incentivizing Cyber Security Investment in the Power Sector Using An Extended Cyber Insurance Framework
- Air Force Cost Analysis Agency, Joint Base Andrews, MD (United States)
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
- Air Force Institute of Technology, Wright-Patterson Air Force Base, OH (United States)
Collaboration between the DHS Cybersecurity and Infrastructure Security Agency (CISA) and public- sector partners has revealed that a dearth of cyber- incident data combined with the unpredictability of cyber attacks have contributed to a shortfall in first-party cyber insurance protection in the critical infrastructure community. This research explores the foundations of insurance theory and adopts behavioral manipulation methods to incentivize cyber-security investment. We validate the model by applying power industry performance data from 2013-2015 to assess risk facing the industry. Results show that the model can successfully discriminate between individual power companies as well as geographic regions on the basis of risk and can recommend cyber risk- management strategies tailored to individual risk profiles. Here, the adoption of this framework could invite more market participation, which will create a more robust cyber- incident reporting environment, contributing directly to the DHS goal of creating a national cyber- incident data repository.
- Research Organization:
- Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
- Sponsoring Organization:
- USDOE
- Grant/Contract Number:
- AC05-00OR22725
- OSTI ID:
- 1512514
- Journal Information:
- Homeland Security Affairs, Journal Name: Homeland Security Affairs Journal Issue: 0 Vol. 15; ISSN 1558-643X
- Publisher:
- Naval Postgraduate School Center for Homeland Defense and SecurityCopyright Statement
- Country of Publication:
- United States
- Language:
- English
Similar Records
TCIA Secure Cyber Critical Infrastructure Modernization.
Cyber-Informed Engineering Research and Development Guide