Abstract
This paper presents the SECONDO framework to assist organizations with decisions related to cybersecurity investments and cyber-insurance. The platform supports cybersecurity and cyber-insurance decisions by implementing and integrating a number of software components. SECONDO operates in three distinct phases: (i) cyber-physical risk assessment and continuous monitoring; (ii) investment-driven optimized cyber-physical risk control; and (iii) blockchain-enabled cyber-insurance contract preparation and maintenance. Insurers can leverage SECONDO functionalities to actively participate in the management of cyber-physical risks of a shipping company to reduce their insured risk.
Acknowledgment
This research has been funded by the European Union’s Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie SECONDO grant agreement No. 823997.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Farao, A. et al. (2020). SECONDO: A Platform for Cybersecurity Investments and Cyber Insurance Decisions. In: Gritzalis, S., Weippl, E.R., Kotsis, G., Tjoa, A.M., Khalil, I. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2020. Lecture Notes in Computer Science(), vol 12395. Springer, Cham. https://doi.org/10.1007/978-3-030-58986-8_5
DOI: https://doi.org/10.1007/978-3-030-58986-8_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58985-1
Online ISBN: 978-3-030-58986-8
eBook Packages: Computer Science (R0)