Pricing cyber-insurance for systems via maturity models. (arXiv:2302.04734v1 [econ.GN])

Risks associated with information technology systems present a complex
modelling challenge, combining the disciplines of operations management,
security, and economics. The challenge is to establish a representation of an
organization's operational and systems architecture that allows an assessment
of the security postures of its various components able to support an
assessment of its insurance risk. This work proposes a socioeconomic model for
cyber-insurance decisions compromised of entity relationship diagrams, security
maturity models, and economic models, thereby linking systems-type and economic …

architecture assessment challenge compromised cyber economics information information technology insurance management maturity operational operations organization pricing relationship representation risk risks security security maturity support systems technology work