Towards a Managerial Decision Framework for Utilization of Cyber Insurance Instruments in IT security

Authors

Tridib Bandyopadhyay, Kennesaw State UniversityFollow
Snehal Shidore, Kennesaw State UniversityFollow

Track

Information Systems Security and Privacy

Abstract

Organizations live with residual IT security risk since technological controls are imperfect. This underlines the importance of cyber insurance in the management of IT security risk. Despite the obvious advantages, cyber insurance instruments are scarcely utilized in practice. Extant research mostly considers the economic aspects of the rational purchase of cyber insurance. In contrast, we take an organizational perspective and attempt to isolate the paradigms, contexts and constituent forces that shape the organizational decision making process towards utilization of cyber insurance. Prescriptive and descriptive decisional models are analyzed, organizational decision constituencies are explained and domain specific contexts are included before we propose an integrated decision framework for organizational utilization of cyber insurance.

Recommended Citation

Bandyopadhyay, Tridib and Shidore, Snehal, "Towards a Managerial Decision Framework for Utilization of Cyber Insurance Instruments in IT security" (2011). AMCIS 2011 Proceedings - All Submissions. 160.
https://aisel.aisnet.org/amcis2011_submissions/160