University of Worcester Worcester Research and Publications

A Model for Proactively Insuring SMEs in the Supply Chain Against Cyber Risk

Henson, Richard and Sutcliffe, D. (2013) A Model for Proactively Insuring SMEs in the Supply Chain Against Cyber Risk. Atiner Conference Paper Series No: SME2013-0547. ISSN 2241-2891

[img] Text
rhgreece2013.doc - Published Version

Download (74kB)


There has been increasing concern in recent years about the lack of urgency in SMEs regarding security of their information. Concern stems not only from the risks the SMEs are taking not only with their own data, but also with the data they share with supply chain partners. Current surveys have shown that the situation is getting worse with human error compounded by cybercriminals exploiting weaknesses in SME systems and using them to hack supply chain hubs.

In this paper, a researcher and a practitioner from the UK investigate possible reasons for SME apparent lack of interest in securing data, or developing information security management systems (ISMSs). In the absence of UK legislation, the only way SMEs are likely en masse to improve their information security is through pressure from supply chain partners and particularly supply chain hubs. The authors present an interesting development in cyber liability insurance which provides the basis for a cost-effective solution that will encourage good information assurance across the supply chain.

Item Type: Article
Uncontrolled Discrete Keywords: SME, Information Risk Management, Information Assurance, ISMS, Information Security Management Systems, Data Protection Legislation, Economics of Information Security, Supply Chain, Standard, ISO27001, IASME, Self-assessment, Insurance, Cyber Liability
Subjects: H Social Sciences > HF Commerce
Divisions: College of Business, Psychology and Sport > Worcester Business School
Depositing User: Richard Henson
Date Deposited: 10 Oct 2013 15:04
Last Modified: 17 Jun 2020 17:00

Actions (login required)

View Item View Item
Worcester Research and Publications is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.