Abstract
Cyber insurance, like other types of insurance, is a method of risk transfer, where the insured pays a premium in exchange for coverage in the event of a loss. As a result of the reduced risk for the insured and the lack of information on the insurer’s side, the insured is generally inclined to lower its effort, leading to a worse state of security, a common phenomenon known as moral hazard. To mitigate moral hazard, a widely employed concept is premium discrimination, i.e., an agent/insured who exerts higher effort pays a lower premium. This, however, relies on the insurer’s ability to assess the effort exerted by the insured. In this paper, we study two methods of premium discrimination that rely on two different types of assessment: pre-screening and post-screening. Pre-screening occurs before the insured enters into a contract and can be done at the beginning of each contract period; the result of this process gives the insurer an estimated risk on the insured, which then determines the contract terms. The post-screening mechanism involves at least two contract periods whereby the second-period premium is increased if a loss event occurs during the first period.
Prior work shows that both pre-screening and post-screening are generally effective in mitigating moral hazard and increasing the insured’s effort. The analysis in this study shows, however, that the conclusion becomes more nuanced when loss events are rare. Specifically, we show that post-screening is not effective at all with rare losses, while pre-screening can be an effective method when the agent perceives them as rarer than the insurer does; in this case pre-screening improves both the agent’s effort level and the insurer’s profit.
This work is supported by the NSF under grants CNS-1616575, CNS-1739517, and ARO W911NF1810208.
Notes
1. \(p(e)\) can be written as \(t\cdot (\exp \{-\alpha \})^e\), which is a function consistent with the exponential probability function introduced in [16].
2. Our analysis can be extended to a multi-period setting where the premium of each period depends on the agent’s history of losses, i.e., the agent’s third-period premium depends on his loss events in the first and second periods and so on.
3. The analysis can be extended to other noise distributions.
4. By assuming that \(t\) goes to zero, the entire probability of a loss incident (i.e., \(p(e) = t \exp \{-\alpha e\}\)) goes to zero.
5. If the agent exerts effort \(e\), then \(l_a\exp \{-\alpha \cdot e\}\) and \(l_p\exp \{-\alpha \cdot e\}\) are the perceived expected losses from the agent’s and the insurer’s perspectives, respectively.
References
Tosh, D.K., et al.: Three layer game theoretic decision framework for cyber-investment and cyber-insurance. In: Rass, S., An, B., Kiekintveld, C., Fang, F., Schauer, S. (eds.) GameSec 2017. LNCS, vol. 10575, pp. 519–532. Springer International Publishing, Cham (2017). https://doi.org/10.1007/978-3-319-68711-7_28
Vakilinia, I., Sengupta, S.: A coalitional cyber-insurance framework for a common platform. IEEE Trans. Inf. Forensics Secur. 14(6), 1526–1538 (2018)
Lelarge, M., Bolot, J.: Economic incentives to increase security in the internet: the case for insurance. In: Proceedings of IEEE INFOCOM, pp. 1494–1502 (2009)
Khalili, M.M., Naghizadeh, P., Liu, M.: Designing cyber insurance policies: the role of pre-screening and security interdependence. IEEE Trans. Inf. Forensics Secur. PP(99), 1 (2018)
Shetty, N., Schwartz, G., Walrand, J.: Can competitive insurers improve network security? In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) Trust 2010. LNCS, vol. 6101, pp. 308–322. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13869-0_23
Schwartz, G., Shetty, N., Walrand, J.: Cyber-insurance: missing market driven by user heterogeneity (2010). www.eecs.berkeley.edu/nikhils/SecTypes.pdf
Zhang, R., Zhu, Q., Hayel, Y.: A bi-level game approach to attack-aware cyber insurance of computer networks. IEEE J. Sel. Areas Commun. 35(3), 779–794 (2017)
Hofmann, A.: Internalizing externalities of loss prevention through insurance monopoly: an analysis of interdependent risks. Geneva Risk Insur. Rev. 32(1), 91–111 (2007)
Yang, Z., Lui, J.C.: Security adoption and influence of cyber-insurance markets in heterogeneous networks. Perform. Eval. 74, 1–17 (2014)
Khalili, M.M., Liu, M., Romanosky, S.: Embracing and controlling risk dependency in cyber insurance policy underwriting. In: The Annual Workshop on the Economics of Information Security (WEIS) (2018)
Rubinstein, A., Yaari, M.E.: Repeated insurance contracts and moral hazard. J. Econ. Theory 30(1), 74–97 (1983). http://www.sciencedirect.com/science/article/pii/0022053183900947
Slovic, P., Fischhoff, B., Lichtenstein, S., Corrigan, B., Combs, B.: Preference for insuring against probable small losses: insurance implications. J. Risk Insur. 44(2), 237–258 (1977). http://www.jstor.org/stable/252136
Raschky, P.A., Weck-Hannemann, H.: Charity hazard-a real hazard to natural disaster insurance? Environ. Hazards 7(4), 321–329 (2007). http://www.sciencedirect.com/science/article/pii/S174778910700049X
Cox, J.: Equifax stung with multibillion-dollar class-action lawsuit after massive data breach (2017). http://www.thedailybeast.com/equifax-stung-with-multi-billion-dollar-class-action-lawsuit-after-massive-data-breach
Jiang, L., Anantharam, V., Walrand, J.: How bad are selfish investments in network security? IEEE/ACM Trans. Netw. 19(2), 549–560 (2010)
Gordon, L.A., Loeb, M.P.: The economics of information security investment. ACM Trans. Inf. Syst. Secur. 5(4), 438–457 (2002). https://doi.org/10.1145/581271.581274
Liu, Y., et al.: Cloudy with a chance of breach: forecasting cyber security incidents. In: Proceedings of the 24th USENIX Security Symposium (2015)
Appendix
Proof
(Lemma 1). Proof by contradiction. Let \((\hat{\pi }_1,\hat{\pi }_2,\hat{\pi }_3)\) be the solution of optimization problem (8), and assume that the (IR) constraint is not binding at the optimal contract \((\hat{\pi }_1,\hat{\pi }_2,\hat{\pi }_3)\). Because the (IR) constraint is not binding, the insurer can increase her utility by increasing \(\hat{\pi }_2, \hat{\pi }_3\) while she keeps \(\exp \{\gamma \hat{\pi }_2\} - \exp \{\gamma \hat{\pi }_3\}\) fixed. Therefore, based on (9) the agent’s effort inside the contract does not change, but the insurer’s profit increases. As a result, \((\hat{\pi }_1,\hat{\pi }_2,\hat{\pi }_3)\) is not an optimal contract. This is the contradiction implying that the (IR) constraint is binding. \(\blacksquare \)
Proof
(Theorem 1). Proof by contradiction: Assume that \(\hat{e} = 0\) and \(t=1\) and \(\left[ \frac{(\alpha - \gamma c)(\exp \{\gamma l\}-1)}{\gamma c }\right] > 1\). First we show that under these assumptions, \(\hat{\pi }_1 = \hat{\pi }_2 = \frac{1}{\gamma } \ln (1-u^o) := w^o\). Because \(\hat{e} = 0\) and \(t = 1\), the optimization problem for finding \((\hat{\pi }_1,\hat{\pi }_2,\hat{\pi }_3)\) is as follows,
By (IR) constraint we have,
Therefore, we re-write the optimization problem (24) as follows,
Because \(\pi _3\) does not appear in the objective function, we first find \(\pi _1\) and \(\pi _2\) such that they maximize the objective function. Then, we pick \(\pi _3\) such that (IC) constraint is satisfied. By the first order optimality condition for the objective function, we have,
Without loss of generality, we set \(\hat{\pi }_3 = \frac{1}{\gamma }\ln (\frac{\alpha - \gamma c}{\alpha } (1-u^o) )\). By (9), \(\hat{e}= 0\) (notice that \(\frac{\alpha }{\gamma c}\frac{\exp \{\gamma \hat{\pi }_2\} - \exp \{\gamma \hat{\pi }_3\}}{\exp \{\gamma \hat{\pi }_1\}} = 1\), and a slight decrease in \(\hat{\pi }_3\) increases the agent’s effort based on (9)).
Now we show that the decrease in \(\hat{\pi }_3\) increases the insurer’s payoff. Notice that a slight decrease in \(\hat{\pi }_3\) increases the agent’s effort (based on (9)) and improves the agent’s utility, and the (IR) constraint is not violated. We write the insurer’s objective function as a function of \(\pi _3\). Therefore, we have (derivatives in the following equation are left derivatives),
Because \(\left[ \frac{(\alpha - \gamma c)(\exp \{\gamma l\}-1)}{\gamma c }\right] > 1\), (5) implies that \(e^o\) is not zero and \(\hat{\pi }_2 = \frac{1}{\gamma }\ln (1-u^o) <l\). Moreover, \(\frac{\partial p( e^{in}(\hat{\pi }_1,\hat{\pi }_2,{\pi }_3))}{\partial \pi _3} | _ {\pi _3 = \hat{\pi }_3}> 0\) implies that \(\frac{\partial h }{\partial \pi _3} |_{\pi _3 = \hat{\pi }_3} < 0\). Therefore, the decrease in \(\hat{\pi }_3\) increases the insurer’s payoff. This is a contradiction and the agent exerts non-zero effort in the optimal contract under given assumptions. \(\blacksquare \)
Proof
(Theorem 2). By (14), the agent exerts non-zero effort in a contract if \(\beta = c\). If the discount factor \(\beta = c\), then any positive number satisfies the (IC) constraint. Therefore, if \(\beta =c\), then the desired effort maximizes the insurer’s utility. By (14), we have,
By the first order condition of optimality, the solution of the above optimization problem is \(\overline{e} =( \frac{1}{\alpha } \ln ( \frac{\alpha \cdot t \cdot l}{c}))^+\). Moreover, if \(\overline{e}>0\), then the maximum insurer’s profit using pre-screening (i.e., \(\beta = c\)) is given by,
Without pre-screening (i.e., \(\beta = 0\)), the agent exerts zero effort and the insurer’s profit is given by,
Therefore, the insurer uses pre-screening if and only if,
In other words, the insurer uses pre-screening and the agent exerts non-zero effort if and only if,
\(\blacksquare \)
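The first-order step behind \(\overline{e}\) in the proof of Theorem 2, written out as an added derivation that is not part of the original chapter. It assumes the objective of the omitted problem has the form of \(g\) from the proof of Theorem 3 with \(\beta = c\) (the same expression appears on the left of (38)), and it uses \(p(e) = t\exp \{-\alpha e\}\) from Note 1.

$$\begin{aligned} \frac{\partial }{\partial e}\left[ w^o - ce - \frac{\gamma c^2\sigma ^2}{2} - t\exp \{-\alpha e\}\, l\right] &= -c + \alpha \cdot t \cdot l \exp \{-\alpha e\} = 0 \\ \Rightarrow ~\exp \{-\alpha e\} = \frac{c}{\alpha \cdot t \cdot l} ~&\Rightarrow ~ e = \frac{1}{\alpha } \ln \left( \frac{\alpha \cdot t \cdot l}{c}\right) \end{aligned}$$

The second derivative, \(-\alpha ^2 \cdot t \cdot l \exp \{-\alpha e\}\), is negative, so the objective is concave in \(e\) and the stationary point is the maximizer whenever it is non-negative. If \(\alpha \cdot t \cdot l \le c\), the derivative at \(e = 0\) is \(\alpha \cdot t \cdot l - c \le 0\), the objective is non-increasing on \(e \ge 0\), and the constrained maximizer is \(e = 0\); this is the role of \((\cdot )^+\) in \(\overline{e}\).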
Proof
(Theorem 3). Assume \(\sigma < \sigma '\).
Let \(g(\beta ,e,\sigma ) = \left[ w^o - ce - \frac{\gamma \beta ^2\sigma ^2}{2} - p(e) l\right] \). It is easy to see that \( g(\beta ,e,\sigma ') \le g(\beta ,e,\sigma )\). Therefore, we have,
Therefore, \(V(\sigma ') \le V(\sigma )\). \(\blacksquare \)
Proof
(Theorem 4).
- By (9), the agent exerts zero effort if \(t_a \frac{\alpha }{\gamma c} \frac{\exp \{\gamma \pi _2 \} - \exp \{\gamma \pi _3 \} }{\exp \{\gamma \pi _1\}} \le 1\). Because \(t_a\) goes to zero, \(t_a\frac{\alpha }{\gamma c} \frac{\exp \{\gamma \pi _2 \} - \exp \{\gamma \pi _3 \} }{\exp \{\gamma \pi _1\}} \) also goes to zero. Therefore, the agent exerts zero effort under any insurance contract.
- Because the agent exerts zero effort inside the optimal contract, his utility is given by,

  $$\begin{aligned} \begin{array}{ll} U^{in}(0,\pi _1,\pi _2,\pi _3) = -\exp \{\gamma \pi _1\} - t_a \exp \{\gamma \pi _2\} -(1-t_a) \exp \{\gamma \pi _3\} \\ \text {(IR) is binding and } t_a \rightarrow 0 \Rightarrow ~1-\exp \{\gamma \pi _1\}+1 - \exp \{\gamma \pi _3\} = 2u^o \end{array} \end{aligned} \tag{33}$$

  Therefore, the insurer’s problem (8) can be written as follows,

  $$\begin{aligned} \begin{array}{ll} \max \nolimits _{\pi _1,\pi _2,\pi _3 } \pi _1 + \pi _3 - 2\cdot l_p\\ \text {s.t. } \exp \{\gamma \pi _1\} + \exp \{\gamma \pi _3\} = 2 -2u^o \end{array} \end{aligned} \tag{34}$$

  or

  $$\begin{aligned} \begin{array}{ll} \max \nolimits _{\pi _1} \pi _1 + \frac{1}{\gamma }\ln (2 -2u^o-\exp \{\gamma \pi _1\} ) - 2 l_p\\ \end{array} \end{aligned} \tag{35}$$

  The optimal solution for the above optimization problem is \(\pi _1 = \pi _3 = \frac{1}{\gamma } \ln (1-u^o)\). The value of \(\pi _2\) does not affect the insurer’s or the agent’s utility and can be any positive value.
\(\blacksquare \)
Proof
(Theorem 5). The proof is similar to the proof of Theorem 2 except that we should substitute \(l_p \) for \(t\cdot l\). \(\blacksquare \)
Proof
(Theorem 6). As the (IR) constraint is binding in (23), similar to (14) we can re-write optimization problem (23) as follows,
First we show that \(\hat{e}= \hat{e}'\). Proof by contradiction. Assume \(\hat{e} > \hat{e}' \ge 0\). Then, \(\beta ' -\beta = b-c\) since otherwise \(\hat{e} = \infty \) or \(\hat{e} =0 \). As \(b\le c\), the objective function of (36) can be improved by decreasing \(\hat{e}\) without violating the (IC) constraint. This contradiction shows that \(\hat{e} = \hat{e}'\).
By the (IC) constraint, it is easy to see that if \(\hat{e}=\hat{e}'>0\), then \(\beta =c\), and \(\beta ' = b\).
Let \(\beta = \bar{\beta } ,e= \bar{e} \) be the solution to (14). According to the IC constraint of (14), two cases can happen:
- (i) \(\overline{\beta } = 0\) and \(\overline{e} = 0\). Then, \((\beta = \beta ' = e= e'=0)\) satisfies the IC constraint in (36) and is a feasible point. We have,

  $$\begin{aligned} w^o - c \overline{e} - \frac{\gamma \overline{\beta } ^2\sigma ^2}{2} - p(\overline{e})l = \\ w^o - c \overline{e}+ b (\overline{e} - \overline{e}) - \gamma \frac{(\overline{\beta }-\overline{\beta }')^2+(\overline{\beta }')^2}{2}\sigma ^2- p(\overline{e})l \end{aligned} \tag{37}$$

- (ii) \(\overline{\beta }= c\). Then \((\beta =c , \beta ' =b, e = e'=\overline{e})\) is a feasible point for (36) and satisfies the IC constraint. We have,

  $$\begin{aligned} w^o - c \overline{e} - \frac{\gamma c^2\sigma ^2}{2} - p(\overline{e})l \le \\ w^o - c\cdot \overline{e} + b(\overline{e}- \overline{e} ) - \gamma \frac{(c-b)^2+b^2}{2}\sigma ^2- p(\overline{e})l \end{aligned} \tag{38}$$
Note that in this case \((\beta =c , \beta ' =b, e = e'=\overline{e})\) is the solution to (36).
By (37) and (38) we have, \(V(\sigma ) \le R(\sigma ) \). Notice that if \(b=c\), then (36) and (14) are equivalent and \( V(\sigma ) = R(\sigma ) \) as \(\hat{e}=\hat{e}'\). \(\blacksquare \)
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Khalili, M.M., Zhang, X., Liu, M. (2019). Effective Premium Discrimination for Designing Cyber Insurance Policies with Rare Losses. In: Alpcan, T., Vorobeychik, Y., Baras, J., Dán, G. (eds) Decision and Game Theory for Security. GameSec 2019. Lecture Notes in Computer Science(), vol 11836. Springer, Cham. https://doi.org/10.1007/978-3-030-32430-8_16
DOI: https://doi.org/10.1007/978-3-030-32430-8_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-32429-2
Online ISBN: 978-3-030-32430-8
eBook Packages: Computer Science, Computer Science (R0)