A systematic literature review of cyber insurance challenges

This paper presents a systematic literature review of the challenges in cyber insurance. The study uses PRISMA to obtain transparent results. This review summarized sectors which risk a cyber incident and cyber insurance’s challenges and its solutions. The articles included in this study were collected from the search results on four digital libraries: ACM, IEEE Xplore, ScienceDirect, and Springer Link, published in 2016-2020. There are 46 out of 313 articles that meet the criteria. The sectors that risk a cyber incident are government, public, financial, professional, and technology. The cyber insurance challenges are divided into three categories based on contractual agreement status, namely before the contractual agreement, in the contractual agreement, and no contractual agreement. Challenges included in the condition before the contractual are organization eligibility and insurance contract design. The difficulties faced if the contractual exists, namely self-reporting, external security audit, and the insurer’s refusal to pay the claim. Finally, no contractual agreement leads to a general challenge in cyber insurers, namely cyber insurance awareness and cost-benefit aspects of cybersecurity investment. The proposed solutions to the challenges are unique. However, there are some similarities, namely proposals in the form of frameworks, models, or suggestions. Apart from these three things, the solutions can also be in the form of analysis to get optimal things.