The cyber-insurance market in Norway

Hayretdin Bahşi, Ulrik Franke, Even Langfeldt Friberg

Research output: Contribution to journalArticlepeer-review

14 Scopus citations

Abstract

Purpose: This paper aims to describe the cyber-insurance market in Norway but offers conclusions that are interesting to a wider audience. Design/methodology/approach: The study is based on semi-structured interviews with supply-side actors: six general insurance companies, one marine insurance company and two insurance intermediaries. Findings: The Norwegian cyber-insurance market supply-side has grown significantly in the past two years. The General Data Protection Regulation (GDPR) is found to have had a modest effect on the market so far but has been used by the supply-side as an icebreaker to discuss cyber-insurance with customers. The NIS Directive has had little or no impact on the Norwegian cyber-insurance market until now. Informants also indicate that Norway is still the least mature of the four Nordic markets. Practical implications: Some policy lessons for different stakeholders are identified. Originality/value: Empirical investigation of cyber-insurance is still rare, and the paper offers original insights on market composition and actor motivations, ambiguity of coverage, the NIS Directive and GDPR.

Original languageEnglish (US)
Pages (from-to)54-67
Number of pages14
JournalInformation and Computer Security
Volume28
Issue number1
DOIs
StatePublished - Apr 3 2020
Externally publishedYes

Keywords

  • Cyber-insurance
  • GDPR
  • Insurance adoption
  • Insurance coverage
  • NIS directive
  • Norway

ASJC Scopus subject areas

  • Management Information Systems
  • Software
  • Information Systems
  • Computer Networks and Communications
  • Information Systems and Management
  • Management of Technology and Innovation

Fingerprint

Dive into the research topics of 'The cyber-insurance market in Norway'. Together they form a unique fingerprint.

Cite this