Date of Award
3-24-2016
Document Type
Thesis
Degree Name
Master of Science
Department
Department of Electrical and Computer Engineering
First Advisor
Mason Rice, PhD.
Abstract
Critical infrastructure owners and operators want to minimize their cyber risk and expenditures on cybersecurity. The insurance industry has been quantitatively assessing risk for hundreds of years in order to minimize risk and maximize profits. To achieve these goals, insurers continuously gather statistical data to improve their predictions, incentivize their clients' investment in self-protection and periodically refine their models to improve the accuracy of risk estimates. This paper presents a framework which incorporates the operating principles of the insurance industry in order to provide quantitative estimates of cyber risk. The framework implements optimization techniques to suggest levels of investment for both cybersecurity and insurance for critical infrastructure owners and operators. This analysis can be used to quantitatively formulate strategies to minimize cyber risk.
AFIT Designator
AFIT-ENG-MS-16-M-055
DTIC Accession Number
AD1053886
Recommended Citation
Young, Derek R., "A Framework for Incorporating Insurance into Critical Infrastructure Cyber Risk Strategies" (2016). Theses and Dissertations. 329.
https://scholar.afit.edu/etd/329