A framework for cyber-risk insurance against ransomware: A mixed-method approach

Impact factor 20.1, Tier 1 (Management), Q1, INFORMATION SCIENCE & LIBRARY SCIENCE
Arunabha Mukhopadhyay, Swati Jain
DOI: 10.1016/j.ijinfomgt.2023.102724
Journal: International Journal of Information Management, volume 74, Article 102724
Publication date: 2023-11-03 (Journal Article)
URL: https://www.sciencedirect.com/science/article/pii/S0268401223001056
Citations: 0

Abstract

Hackers follow a standard cyber kill chain process and install ransomware payloads using phishing emails on firms belonging to critical industry, resulting in huge losses in revenue, reputation, and customer churn. This study uses a mixed-method explanatory approach to mitigate ransomware attacks. We present the quantitative Ransomware Risk Management Model (R2M2) based on protection motivation theory (PMT). The Ransomware Risk Assessment module, based on the threat appraisal component of PMT and the National Institute of Standards and Technology (NIST) guidelines, can help the chief information security officer (CISO) to assess the risk using predictive analytics techniques. The Ransomware Risk Quantification module uses collective risk modeling to compute the severity of a ransomware attack on an organization. The Ransomware Risk Mitigation module helps the CISO to minimize the probability and impact of a ransomware attack on their organization by (i) investing in perimeter security technologies and training to ensure prepare, deter, detect, restrain, recover, and review mitigation strategies, (ii) adopting the National Institute of Standards and Technology (NIST) Cybersecurity Framework to ensure business resilience, and (iii) mitigating the residual risk by investing in cyber-risk insurance. We validated the proposed method using a qualitative study by interviewing participants from firms affected by ransomware, managed security service providers, security consultants, and cyber-risk insurers.

Source journal: International Journal of Information Management (INFORMATION SCIENCE & LIBRARY SCIENCE)
CiteScore: 53.10
Self-citation rate: 6.20%
Articles published: 111
Review time: 24 days
Journal description: The International Journal of Information Management (IJIM) is a distinguished, international, and peer-reviewed journal dedicated to providing its readers with top-notch analysis and discussions within the evolving field of information management. Key features of the journal include: Comprehensive Coverage: IJIM keeps readers informed with major papers, reports, and reviews. Topical Relevance: The journal remains current and relevant through Viewpoint articles and regular features like Research Notes, Case Studies, and a Reviews section, ensuring readers are updated on contemporary issues. Focus on Quality: IJIM prioritizes high-quality papers that address contemporary issues in information management.