Cyber Insurance from the stakeholder's perspective: a qualitative analysis of barriers and facilitators to adoption

Dawn Branley-Bell, Lynne Coventry, Pam Briggs

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Business disruption from cyber-attacks is a recognized and growing concern, yet the uptake of cyber insurance has been substantially lower than expected. This study aimed to identify what factors may be influencing perceptions and uptake of cyber insurance. In-depth interviews were conducted with two stakeholder groups: those responsible for making cybersecurity decisions within businesses, and those involved in marketing cybersecurity products and/or services including cyber insurance. Thematic analysis generated five themes from the data: High complexity of company-level decision making, Security investment trade-off, Lack of risk data and immaturity of cyber insurance, Mistrust of insurers, and Compliance legislation as a driver for cyber insurance adoption. The results highlight the importance of recognizing that internal organizational decision making involves a complex eco-system which can make the process of obtaining and renewing cyber insurance an effortful process. Legislation may facilitate insurance uptake, but several external factors represent key barriers. There is a need for clearer policy wording, improved processes for cyber risk assessment, improved trust in insurers and lower policy premiums.

Original languageEnglish
Title of host publicationProceedings of EuroUSEC 2022
Subtitle of host publicationthe 2022 European Symposium on Usable Security hybrid-onsite event, September 29 & 30, 2022 in Karlsruhe, Germany
Place of PublicationNew York
PublisherAssociation for Computing Machinery, Inc
Pages151-159
Number of pages9
ISBN (Electronic)9781450397001
DOIs
Publication statusPublished - 29 Sep 2022
Externally publishedYes
Event2nd European Symposium on Usable Security - Karlsruhe, Germany
Duration: 29 Sep 202230 Sep 2022

Conference

Conference2nd European Symposium on Usable Security
Abbreviated titleEuroUSEC 2022
Country/TerritoryGermany
CityKarlsruhe
Period29/09/2230/09/22

Keywords

  • Cybersecurity
  • Cyber insurance
  • Policy
  • Risk assessment
  • Qualitative methods

Fingerprint

Dive into the research topics of 'Cyber Insurance from the stakeholder's perspective: a qualitative analysis of barriers and facilitators to adoption'. Together they form a unique fingerprint.

Cite this