LAUSR

Despite the benefits of cyber-insurance, organizations are reluctant to enroll in such policies mainly because of their limitation and high price. On the other hand, insurers are confronting the adverse selection and moral hazard problems as monitoring and distinguishing insureds’ cybersecurity posture are highly complicated. Considering the organizations’ security interdependency and their demand for cyber-insurance, we study the design of coalitional insurance mechanisms with the goal of covering the adverse selection, moral hazard, and motivating players for cybersecurity investment and information sharing. To this end, we propose a synergistic insurance framework, where organizations collaboratively insure a common platform instead of themselves. We present three models for insuring a common platform. In the first model, organizations act as both insurer and insured to distribute the risk in the coalition. In the second model, the system provides rewards to crowdfund the insurance. Finally, in the third model, we investigate the outsourcing of a common platform insurance. Furthermore, we discuss how our proposed mechanisms for such framework satisfy the budget balanced, ex ante individual rationality, and incentive compatibility properties. We study how such a system can improve the social welfare by leveraging cyber-insurance as a motivation for organizations to cooperate on the cybersecurity investment and information sharing.