Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
Computerworld Publication PageNetworkWorld Publication PageCIO Canada Publication PageITJobUniverse.ca
- The Information, Communication and Technology (ICT) Job Board
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network" read more
From fear to value: CIO strategies for propelling business through the economic crisisFrom fear to value: CIO strategies for propelling business through the economic crisis read more
Reaping the rewards of your service-oriented architecture infrastructureReaping the rewards of your service-oriented architecture infrastructure read more
Yuk it Up
Featured White Papers
Download the Network Barometer Report, which aggregates findings from secure network infrastructure assessments conducted for more than 150 organisations around the world. It provides some surprising stats on the state of network (un)readiness prevalent today; the reasons why organisations are failing at remediating known vulnerabilities; recommendations on assessing your own infrastructure, and on ways to improve your state of readiness to support the business; and more.
Early-generation server load-balancing technology has proven to be an invaluable asset, especially for organizations hosting widely utilized Web applications. But business requirements evolve, as do the processes and technologies used to fulfill them. The many changes and trends that have taken hold since SLBs were first introduced expose the need for enterprises to step up from a simple load-balancing solution to a more comprehensive application delivery solution . This paper is intended to serve as a guide for organizations looking to replace their early-generation SLBs, providing details on the top eight criteria to use during an evaluation process.
Featured Spotlight
Keep up on who's hiring, who's downsizing and how the government is helping. News, job opportunities, recruiters and employment lawyers are all available.
Poll




Sign-Up for
Information Architecture
eNewsletter Delivered Weekly
Click here
Featured videos
Page 1 of 2

Digg it Twitter

The nuts and bolts of cyber-security insurance

Life is unpredictable. Catastrophes can and do happen. Fires, floods, bombs, lawsuits: businesses get insurance to protect themselves when things, inevitably, go wrong.

But few companies have cyber-security insurance despite the pervasive concern about identity theft and information security exposures.

According to the 2005 CSI/FBI Computer Crime and Security Survey, only 25 per cent use insurance to manage cyber-security risks, although the vast majority of respondents experienced breaches, with average losses of $204,000. Why the low uptake to help manage an area many senior executives say is a top priority?

“It’s a matter of getting the right price for cyber-security insurance. It comes down to economics. But this is a tough product for insurance companies,” said Lawrence A. Gordon, co-author of the survey and professor of information assurance at the University of Maryland.

A chicken-and-egg problem is at the core.

The percentage of organizations reporting computer intrusions to law enforcement continues its multi-year decline, driven by fears of market backlash. But insurance companies need this fundamental information to discern patterns in cyber-crime and develop the actuarial databases that form the basis of insurance risk assessment and pricing.

Despite the under-reporting problem, some major insurance companies started offering cyber-security insurance around 1999. But other issues are inhibiting uptake. Mass-market awareness of security risks has only recently percolated beyond regulated high-risk sectors like financial institutions and healthcare. And many companies are facing sharply increased costs for traditional “mandatory” insurance products such as property and casualty, leaving them with little budget to cover other risks.

There are also internal reporting and communication breakdowns at many companies, according to Robert Parisi, technology and telecommunications practice leader at Marsh Inc., a New York-based insurance brokerage. “If the technology side of the house is not reporting to the treasury or risk management side how often these security incidents happen, the guys whose business it is to buy insurance may not know the risk because no one tells them,” he said.

From the insurance carrier’s perspective, under-reporting increases the risk of adverse selection and poses a moral hazard. In insurance parlance, adverse selection refers to the problem that arises when the party seeking insurance has private information not available to the insurance company.

A person who is ill, for example, is more likely to seek insurance than a healthy one, and has an incentive to hide his condition. Moral hazard refers to the lack of incentives to the insured party to take actions that reduce the probability of loss after insurance is provided. Flood insurance, for example, can increase the likelihood of houses being built in high-risk areas like New Orleans.

Page 1 of 2
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

Events

Book Reviews

FEATURED VIDEOS: Intel® Xeon® Processor Series (Advertiser Content)

White Papers
Improving business through smart energy and environment policy
Businesses and public entities today face increasing pressure to develop policies that are both good for the planet and good for business. A framework developed by IBM offers businesses and other organizations a comprehensive approach to energy and environmental issues. The framework helps identify and prioritize environmental efforts by breaking down problems and opportunities into seven distinct business areas, which can then be segmented into manageable projects.