RUSI set to investigate impact of cyber insurance on secure behaviours

The project will explore why organisations, including SMEs, may or may not feel compelled to introduce sufficient cyber risk management measures to protect against cyber attacks. It will analyse to what extent cyber insurance could encourage better cyber risk management practices.

In doing so, the research will seek to learn from the approaches of other mature insurance sectors to incentive secure behaviours.

This research is funded by the National Cyber Security Centre in collaboration with the Research Institute in Sociotechnical Cyber Security.

RUSI’s Cyber Research team will work in partnership with the University of Kent to look at the effect of cyber insurance on secure behaviours. The project, entitled Incentivising Cyber Security Through Cyber Insurance, will explore to what extent cyber insurance could direct and guide secure behaviours, and also examine how the benefits of cyber insurance could be promoted more widely.

Throughout the project, RUSI and the University of Kent researchers will consult widely with practitioners and policymakers from across Government, academia, industry and other subject matter experts.

The final report for this project is scheduled for publication in March next year. It will include recommendations for policymakers to consider on the role that cyber insurance could play in delivering the cyber security that the UK needs over the next decade and beyond.