This course explores the limitations of cyber insurance as a tool to improve cybersecurity. The learning outcomes include understanding the misalignment between cyber insurance and security incentives, and exploring alternative incentive mechanisms. The course covers topics such as insurances incentives, positive incentives, risk models, and public reactions. The teaching method is a talk that presents ten ways cyber insurance falls short in enhancing security and proposes better incentive instruments. The intended audience includes individuals interested in cybersecurity, risk management, and insurance policies.
Overview
Syllabus
Intro
First Preliminary
Second Preliminary
Insurances Incentives
Carrots Sticks
Positive Incentives
Malcolm Tucker
The Wrong People
Magic Formulas
Show of Hands
Cycle Time Between Stimulus
Higher Cybersecurity
Risk Retention
Risk Models
Networked Interdependent Risk
Data from a Survey
Pie Charts
Technical People
Variation in Premium
Survey Results
Premium Prices Rising
Book Deal
Counterarguments
Public reaction
Taught by
Security BSides San Francisco
