This talk reviews opportunities and challenges in establishing a market for cyber-insurance. It is argued that dealing with cyber- risks, regardless on which level (individual, organizational, national), needs some kind of risk transfer. However, lack of system diversity in network architectures imposes tight upper bounds on the supply of cyber-insurance, as homogeneous architectures share common vulnerabilities and this increases the variance of the loss distribution due to security incidents in insurers' portfolios. 
Hence, network architecture - and behind it the market structure of the ICT industry - is a significant factor in society's ability to manage and absorb cyber-risks. The talk outlines the basic economic models behind these arguments, presents conditions under which markets for cyber-insurance can exist, and discusses policy options to stimulate the adoption of cyber-insurance as well as possible alternative forms of cyber-risk transfer.

Dr. Rainer Boehme is a postdoctoral fellow in the Networking Group of  the International Computer Science Institute in Berkeley, supported by the German Academic Exchange Service (DAAD).  His research interests are economics of information security, multimedia forensics, privacy-enhancing technologies, and behavioral aspects of security and privacy. Boehme has co-authored a report for the European Union detailing policy recommendations for overcoming failures in the provision of information security. He holds an M.A. 
degree in Communication Science and Economics, and a PhD in Computer Science, both from Technische Universitaet Dresden in Germany. Before he obtained his PhD, Boehme worked in the European Central Bank's economics directorate and for its financial stability division.  Link to homepage:
http://www.inf.tu-dresden.de/index.php?node_id=489&ln=en