Ryzyko cybernetyczne jako wyzwanie dla branży ubezpieczeń w Polsce i na świecie

• Authors: Strupczewski Grzegorz
• Languages of publication: PL

Abstracts

EN

The problem of cyberattacks may seem distant in Poland. Although most entrepreneurs operating in Poland are aware of the existence of such threats, few of them undertake actions aimed at managing cyber risk, also through the purchase of specialist cyber insurance. Cybercrime can be described as the most serious challenge the insurance industry has faced in the last half-century. It reminds systemic risk, the source of which is the use of information technology and electronic data processing. Among the factors driving the development of the cyber-insurance market are the growing need for privacy in global society, large-scale cyber-attacks, legal regulations that impose high financial fines for data breaches, strive to minimize financial consequences of cyber attacks, potential damage to reputation resulting from cyber incident. The purpose of this article is to identify cyber risk, assess the degree of cyber threat, and analyze the degree of development of the cyber insurance market. The most serious difficulties in operating cyber insurance from the point of view of insurance companies have been indicated.

Keywords

PL

ubezpieczenia cybernetyczne; cyberryzyko; zarządzanie ryzykiem; bezpieczeństwo cybernetyczne

• Publisher: Komitet Nauk o Finansach PAN
• Journal: FINANSE Czasopismo Komitetu Nauk o Finansach PAN
• Year: 2017
• Issue: 1(10)
• Pages: 251-271

Contributors

author

Strupczewski Grzegorz

• Uniwersytet Ekonomiczny w Krakowie

References

• Allianz, A guide to cyber risk. Managing the impact of increasing interconnectivity, 2015, www.agcs.allianz.com (data dostępu 12.11.2015).
• AON, Exploring the latest cyber risk trends in EMEA, 2014, www.aon.com (data dostępu 14.11.2015).
• Berliner, B., Limits of insurability of risks, Prentice-Hall, Englewood Cliffs 1982.
• Böhme, R., Kataria, G., Models and measures for correlation in cyber-insurance, Working Paper, Workshop on the Economics of Information Security (WEIS), University of Cambridge, 2006, http://www.econinfosec.org/archive/weis2006/docs/16.pdf (data dostępu 12.04.2016).
• Cebula, J.J., Young, L.R., A taxonomy of operational cyber security risks, Technical Note CMU/SEI-2010-TN-028, Software Engineering Institute, Carnegie Mellon University, 2010.
• CERT, Raport o stanie bezpieczeństwa cyberprzestrzeni RP w roku 2014, Rządowy Zespół Reagowania na Incydenty Komputerowe, marzec 2015, http://www.cert.gov.pl/cer/publikacje/raporty-o-stanie-bezpi/738,Raport-o-stanie-bezpieczenstwacyberprzestrzeni-RP-w-2014-roku.html (data dostępu 11.01.2016).
• Dyrektywa 95/49/WE Parlamentu Europejskiego i Rady z dnia 24 października 1995 r. w sprawie ochrony osób fizycznych w zakresie przetwarzania danych osobowych i swobodnego przepływu tych danych (Dz.U. UE L 281/31 z 23.11.1995).
• Dyrektywa 2009/140/WE Parlamentu Europejskiego i Rady z dnia 25 listopada 2009 r. (Dz.U. UE L 337/37 z 18.12.2009).
• Eling, M., Wirfs, J.H., Cyber risk: Too big to insure?, University of St. Gallen, 2016, http://www.ivw.unisg.ch/~/media/internet/content/dateien/instituteundcenters/ivw/studien/cyberrisk2016.pdf (data dostępu 15.04.2016).
• ENISA, Incentives and barriers of the cyber insurance market in Europe, Europejska Agencja ds. Bezpieczeństwa Sieci I Informacji, 2012, www.enisa.europa.eu (data dostępu 10.11.2015).
• Fitch, Fitch: Rapid Growth in Cyber Insurance Would Be Credit-Negative, Fitch Ratings, 21.03.2016, https://www.fitchratings.com/site/fitch-home/pressrelease?id=1001233 (data dostępu 31.03.2016).
• Glascott, M.T., Aisen, A.J., The emperor’s new clothes and cyber insurance, Federation of Defense & Corporate Counsel Quarterly, wiosna 2013, http://www.thefederation.org/documents/22.The%20Emperors%20New%20Clothes.pdf (3.05.2016).
• Gordon, L.A., Loeb, M.P., Sohail, T., A framework for using insurance for cyber-risk management, “Communications of the ACM” 2013, 44(9).
• III, Cyber risk: Threat and opportunity, Insurance Information Institute, październik 2015, http://www.iii.org/sites/default/files/docs/pdf/cyber_risk_wp_final_102015.pdf (data dostępu 22.02.2016).
• ITRC, ITRC data breach reports December 31, 2015, Identity Theft Resource Center, kwiecień 2016, http://techorchard.com/wp-content/uploads/2016/04/DataBreachReports_2015.pdf (data dostępu 2.05.2016).
• Kesan, J.P., Majuca, R.P., Yurcik, W., Cyber insurance as a market-based solution to the problem of cybersecurity – case study, Proceedings of Workshop on the Economics of Information Security, Harvard, MA, czerwiec 2005.
• Lloyd’s, Managing digital risk. Trends, issues and implications for business, 2010, www.lloyds.com (data dostępu 8.11.2015).
• Marsh, (2015a), European 2015 cyber risk survey report, październik 2015, http://uk.marsh.com/Portals/18/Documents/European%202015%20Cyber%20Risk%20Survey%20Report-10-2015.pdf (data dostępu 11.04.2016).
• Marsh, (2015b), UK cyber security. The role of insurance in managing and mitigating the risk, 2015, https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/415354/UK_Cyber_Security_Report_Final.pdf (data dostępu 12.01.2016).
• McAfee, McAfee Labs threats report, marzec 2016, http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2016.pdf (data dostępu 24.04.2016).
• Mukhopadhyay, A., Chatterjee, S., Saha, D., Mahanti, A., Sadhukhan, S., Cyber-risk decision models: To insure IT or not?, Decision Support Systems, kwiecień 2013,http://dx.doi.org/10.1016/j.dss.2013.04.004.
• NAIC, Cybersecurity, National Association of Insurance Commissioners, 25.01.2016, http://www.naic.org/cipr_topics/topic_cyber_risk.htm (data dostępu 22.05.2016).
• Newman, G., Cyber Market Overview: Product, Pricing & Positioning, CFC Underwriting, 14.04.2016, London.
• Ögűt, H., Raghunathan, S., Menon, N., Cyber security risk management: public policy implications of correlated risk, imperfect ability to prove loss, and observability of self-protection, Risk Analysis 2011, 31(3), doi: 10.1111/j.1539-6924.2010.01478.x.
• Podolak, G.D., Insurance for Cyber Risks: A Comprehensive Analysis of the Evolving Exposure, Today’s Litigation, and Tomorrow ’s Challenges, Quinnipiac Law Review 2015, t. 33.
• Ponemon & AON, 2015 Global Cyber Impact Report, kwiecień 2015, http://www.aon.com/attachments/risk-services/2015-Global-Cyber-Impact-Report-Final.pdf (data dostępu 12.12.2015).