IT service outage cost : case study and implications for cyber insurance
<?xml version="1.0" encoding="UTF-8"?><modsCollection xmlns="http://www.loc.gov/mods/v3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.loc.gov/mods/v3 http://www.loc.gov/standards/mods/v3/mods-3-8.xsd">
<mods version="3.8">
<titleInfo>
<title>IT service outage cost</title>
<subTitle>: case study and implications for cyber insurance</subTitle>
</titleInfo>
<typeOfResource>text</typeOfResource>
<genre authority="marcgt">periodical</genre>
<originInfo>
<place>
<placeTerm type="code" authority="marccountry">che</placeTerm>
</place>
<dateIssued encoding="marc">2020</dateIssued>
<issuance>serial</issuance>
</originInfo>
<language>
<languageTerm type="code" authority="iso639-2b">eng</languageTerm>
</language>
<physicalDescription>
<form authority="marcform">print</form>
</physicalDescription>
<abstract displayLabel="Summary">Today, almost all enterprises are highly dependent on IT services. Thus, high availability IT services and the cost of downtime have received a lot of attention in recent years. One increasingly used tool for cyber risk management and transfer is cyber insurance, which typically offers some form of business interruption coverage. However, cost structures of IT service outages are still poorly understood, as costs are often just reported as lump sums. This article contributes a multiple case study of IT service outage cost in three sectors in Sweden: transport companies (N = 11), food companies (N = 9) and government agencies (N = 19). The contribution is three-fold:(i) the measurement instrument itself, (ii) the insights into different cost structures gained, and (iii) the implications of different cost structures on availability investment strategies. Whereas some enterprises incur only a fixed outage cost, some incur (almost) only lost productivity or almost only lost revenue. In the public sector, lost revenue is often negligible. The results are further contextualised by a discussion of cyber insurance implications</abstract>
<note type="statement of responsibility">Ulrik Franke</note>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080662257">
<topic>Interrupción de negocio</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20170003779">
<topic>Seguro de ciberriesgos</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080591182">
<topic>Gerencia de riesgos</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080615673">
<topic>Transferencia de riesgos</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080623791">
<topic>Tecnología de la información</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080553630">
<topic>Coberturas</topic>
</subject>
<classification authority="">328.3</classification>
<relatedItem type="host">
<titleInfo>
<title>Geneva papers on risk and insurance : issues and practice</title>
</titleInfo>
<originInfo>
<publisher>Geneva : The Geneva Association, 1976-</publisher>
</originInfo>
<identifier type="issn">1018-5895</identifier>
<identifier type="local">MAP20077100215</identifier>
<part>
<text>01/10/2020 Volumen 45 Número 4 - octubre 2020 , p. 760-784</text>
</part>
</relatedItem>
<recordInfo>
<recordContentSource authority="marcorg">MAP</recordContentSource>
<recordCreationDate encoding="marc">201015</recordCreationDate>
<recordChangeDate encoding="iso8601">20201020130830.0</recordChangeDate>
<recordIdentifier source="MAP">MAP20200032908</recordIdentifier>
<languageOfCataloging>
<languageTerm type="code" authority="iso639-2b">spa</languageTerm>
</languageOfCataloging>
</recordInfo>
</mods>
</modsCollection>