Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH scholarly article en Dejung, Simon; Liu, Mingyan; Lüder, Arndt; Weippl, Edgar https://www.dagstuhl.de/dagrep License: Creative Commons Attribution 4.0 license (CC BY 4.0)
when quoting this document, please refer to the following
DOI:
URN: urn:nbn:de:0030-drops-159273
URL:

; ; ;
Weitere Beteiligte (Hrsg. etc.): Simon Dejung and Mingyan Liu and Arndt Lüder and Edgar Weippl

Managing Industrial Control Systems Security Risks for Cyber Insurance (Dagstuhl Seminar 21451)

pdf-format:


Abstract

Industrial control systems (ICSs), such as production systems or critical infrastructures, are an attractive target for cybercriminals, since attacks against these systems may cause severe physical damages/material damages (PD/MD), resulting in business interruption (BI) and loss of profit (LOP). Besides financial loss, cyber-attacks against ICSs can also harm human health or the environment or even be used as a kind of weapon. Thus, it is of utmost importance to manage cyber risks throughout the ICS’s lifecycle (i.e., engineering, operation, decommissioning), especially in light of the ever-increasing threat level that is accompanied by the progressive digitization of industrial processes. However, asset owners may not be able to address security risks sufficiently, nor adequately quantify them in terms of their potential impact (physical and non-physical) and likelihood. A self-deceptive solution might be using insurance to transfer these risks and offload them from their balance sheet since the underlying problem remains unsolved. The reason for this is that the exposure for asset owners remains and mitigation measures may still not be implemented adequately while the insurance industry is onboarding unassessed risks and covering it often without premium and without managing the potential exposure of accumulated events. The Dagstuhl Seminar 21451 "Managing Industrial Control Systems Security Risks for Cyber Insurance" aimed to provide an interdisciplinary forum to analyze and discuss open questions and current topics of research in this area in order to gain in-depth insights into the security risks of ICSs and the quantification thereof.

BibTeX - Entry

@Article{dejung_et_al:DagRep.11.10.36,
  author =	{Dejung, Simon and Liu, Mingyan and L\"{u}der, Arndt and Weippl, Edgar},
  title =	{{Managing Industrial Control Systems Security Risks for Cyber Insurance (Dagstuhl Seminar 21451)}},
  pages =	{36--56},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2022},
  volume =	{11},
  number =	{10},
  editor =	{Dejung, Simon and Liu, Mingyan and L\"{u}der, Arndt and Weippl, Edgar},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2022/15927},
  URN =		{urn:nbn:de:0030-drops-159273},
  doi =		{10.4230/DagRep.11.10.36},
  annote =	{Keywords: industrial control systems, security, cyber insurance, cyber risk quantification, production systems engineering, risk engineering, SCADA, Industry 4.0}
}

Keywords: industrial control systems, security, cyber insurance, cyber risk quantification, production systems engineering, risk engineering, SCADA, Industry 4.0
Seminar: DagRep, Volume 11, Issue 10
Issue date: 2022
Date of publication: 11.04.2022


DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI