Cremer Frank, Sheehan Barry, Fortmann Michael, Kia Arash N, Mullins Martin, Murphy Finbarr, Materne Stefan
University of Limerick, Limerick, Ireland.
TH Köln University of Applied Sciences, Cologne, Germany.
Geneva Pap Risk Insur Issues Pract. 2022;47(3):698-736. doi: 10.1057/s41288-022-00266-6. Epub 2022 Feb 17.
Cybercrime is estimated to have cost the global economy just under USD 1 trillion in 2020, indicating an increase of more than 50% since 2018. With the average cyber insurance claim rising from USD 145,000 in 2019 to USD 359,000 in 2020, there is a growing necessity for better cyber information sources, standardised databases, mandatory reporting and public awareness. This research analyses the extant academic and industry literature on cybersecurity and cyber risk management with a particular focus on data availability. From a preliminary search resulting in 5219 cyber peer-reviewed studies, the application of the systematic methodology resulted in 79 unique datasets. We posit that the lack of available data on cyber risk poses a serious problem for stakeholders seeking to tackle this issue. In particular, we identify a lacuna in open databases that undermine collective endeavours to better manage this set of risks. The resulting data evaluation and categorisation will support cybersecurity researchers and the insurance industry in their efforts to comprehend, metricise and manage cyber risks.
The online version contains supplementary material available at 10.1057/s41288-022-00266-6.
据估计,2020年网络犯罪给全球经济造成的损失接近1万亿美元,自2018年以来增长超过50%。随着网络保险索赔平均额从2019年的14.5万美元升至2020年的35.9万美元,对更好的网络信息源、标准化数据库、强制报告和公众意识的需求日益增长。本研究分析了关于网络安全和网络风险管理的现有学术及行业文献,特别关注数据可用性。从初步检索得到的5219项经同行评审的网络研究中,运用系统方法得出了79个独特数据集。我们认为,网络风险方面缺乏可用数据给试图解决这一问题的利益相关者带来了严重问题。特别是,我们发现开放数据库存在空白,这破坏了更好管理此类风险的集体努力。由此产生的数据评估和分类将支持网络安全研究人员和保险业理解、衡量和管理网络风险的努力。
在线版本包含可在10.1057/s41288-022-00266-6获取的补充材料。
