@inbook{cca8cef57f9249e093f435a6a8efa5b5,
title = "Insurance",
abstract = "Cyber insurance provides users a valuable additional layer of protection to transfer cyber data risks to third-parties. An incentive-compatible cyber insurance policy can reduce the number of successful cyber-attacks by incentivizing the adoption of preventative measures in return for more coverage and the implementation of best practices by pricing premiums based on an insured level of self-protection. This chapter introduces a bi-level game-theoretic model that nests a zero-sum game in a moral-hazard type of principal-agent game to capture complex interactions between a user, an attacker, and the insurer. The game framework provides an integrative view of cyber insurance and enables a systematic design of incentive-compatible and attack-aware insurance policy. The chapter also introduces a new metric of disappointment rate that measures the difference between the actual damage and the expected damage.",
author = "Stefan Rass and Stefan Schauer and Sandra K{\"o}nig and Quanyan Zhu",
note = "Publisher Copyright: {\textcopyright} 2020, Springer Nature Switzerland AG.",
year = "2020",
doi = "10.1007/978-3-030-46908-5_7",
language = "English (US)",
series = "Advanced Sciences and Technologies for Security Applications",
publisher = "Springer",
pages = "137--158",
booktitle = "Advanced Sciences and Technologies for Security Applications",
}