Five Approaches to Insuring Cyber Risks

French, Christopher C.

doi:10.2139/ssrn.3811826

Download This Paper

Open PDF in Browser

Add Paper to My Library

Five Approaches to Insuring Cyber Risks

81 Md. L. Rev. 103 (2021)

Penn State Law Research Paper No. 13-2021

42 Pages Posted: 31 Mar 2021 Last revised: 6 Jan 2022

See all articles by Christopher C. French

Christopher C. French

The Pennsylvania State University (University Park) – Penn State Law

Date Written: March 24, 2021

Abstract

Cyber risks are some of the most dangerous risks of the twenty-first century. Many types of businesses, including retail stores, healthcare entities, and financial institutions, as well as government entities, are the targets of cyber attacks. The simple reality is that no computer security system is completely safe. They all can be breached if the hackers are skilled enough and determined. Consequently, the worldwide damages caused by cyber attacks are predicted to reach $10.5 trillion by 2025. Insuring such risks is a monumental task.

The cyber insurance market currently is fragmented with hundreds of insurers selling their own cyber risk insurance policies that cover different types of cyber risks. This means the purchasers of cyber insurance must be experts in both insurance and cyber security in order to make a knowledgeable purchase. And, even knowledgeable purchasers of cyber insurance can only obtain limited coverage for cyber risks. This is because the insurance is sold on a named peril, as opposed to all-risk, basis and the policies contain numerous exclusions. Cyber policies also have relatively low policy limits in comparison to other lines of insurance and the enormity of the risks presented.

This Article explores ways the cyber insurance market could be improved. In doing so, it analyzes the current cyber insurance market, including the history of cyber insurance and the challenges that insuring cyber risks present. The Article then offers five different approaches to insuring cyber risks moving forward that address many of the problems with the current cyber insurance market. Ultimately, the Article concludes the fifth approach, the novel “All-Risk Private-Public” approach, would be the best one.

Keywords: cyber, insurance, correlated risks, liability, all-risk, hack, cyber attack, data breach, electronic data, moral hazard

JEL Classification: K12, K13, K23, M15

Suggested Citation: Suggested Citation

French, Christopher C., Five Approaches to Insuring Cyber Risks (March 24, 2021). 81 Md. L. Rev. 103 (2021), Penn State Law Research Paper No. 13-2021, Available at SSRN: https://ssrn.com/abstract=3811826 or http://dx.doi.org/10.2139/ssrn.3811826

Christopher C. French (Contact Author)

The Pennsylvania State University (University Park) – Penn State Law ( email )

Lewis Katz Building
University Park, PA 16802
United States

Download This Paper

Open PDF in Browser

Do you have a job opening that you would like to promote on SSRN?

Place Job Opening

Paper statistics

Downloads

208

Abstract Views

1,051

Rank

311,550

53 References

PlumX Metrics

Feedback

Five Approaches to Insuring Cyber Risks

Christopher C. French

Abstract

Christopher C. French (Contact Author)

The Pennsylvania State University (University Park) – Penn State Law ( email )

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Related eJournals

Penn State Law Legal Studies Research Paper Series

Cyberspace Law eJournal

Contracts & Commercial Law eJournal

Torts & Product Liability Law eJournal

National Security & Foreign Relations Law eJournal

Insurance Law, Legislation, & Policy eJournal

Risk, Regulation, & Policy eJournal

Cybersecurity, Privacy, & Networks eJournal

Cybersecurity & Data Privacy Law & Policy eJournal

Types of Offending eJournal

Political Economy - Development: Public Service Delivery eJournal