Henson, Richard and Sutcliffe, D. (2013) A Model for Proactively Insuring SMEs in the Supply Chain Against Cyber Risk. Atiner Conference Paper Series No: SME2013-0547. ISSN 2241-2891
Text
rhgreece2013.doc - Published Version Download (74kB) |
Abstract
There has been increasing concern in recent years about the lack of urgency in SMEs regarding security of their information. Concern stems not only from the risks the SMEs are taking not only with their own data, but also with the data they share with supply chain partners. Current surveys have shown that the situation is getting worse with human error compounded by cybercriminals exploiting weaknesses in SME systems and using them to hack supply chain hubs.
In this paper, a researcher and a practitioner from the UK investigate possible reasons for SME apparent lack of interest in securing data, or developing information security management systems (ISMSs). In the absence of UK legislation, the only way SMEs are likely en masse to improve their information security is through pressure from supply chain partners and particularly supply chain hubs. The authors present an interesting development in cyber liability insurance which provides the basis for a cost-effective solution that will encourage good information assurance across the supply chain.
Item Type: | Article |
---|---|
Uncontrolled Discrete Keywords: | SME, Information Risk Management, Information Assurance, ISMS, Information Security Management Systems, Data Protection Legislation, Economics of Information Security, Supply Chain, Standard, ISO27001, IASME, Self-assessment, Insurance, Cyber Liability |
Subjects: | H Social Sciences > HF Commerce |
Divisions: | College of Business, Psychology and Sport > Worcester Business School |
Depositing User: | Richard Henson |
Date Deposited: | 10 Oct 2013 15:04 |
Last Modified: | 17 Jun 2020 17:00 |
URI: | https://eprints.worc.ac.uk/id/eprint/2439 |
Actions (login required)
View Item |