印尼資安保險可行定價模型的研究

Abstract

None

The optimistic outlook of Indonesia being one of the future major global economies through digital economy has rapidly impacted the country and its players to incentivize the growth of its internet development. On the flip side, the internet infrastructure in Indonesia has yet to keep up with the trend and is unable to sufficiently withstand or manage the risk associated with such sudden and rapid growth. Articles covering cyber incidents including hacking, data breaches, and ransomware have been increasingly painting the news media board, but the same cannot be said for its mitigation strategy. In response to this phenomenon, a study concerning one of such strategies, namely designing and pricing cyber insurance, is conducted mainly through literature review methods of secondary data from formal reports, dissertations, and news articles publically available. The research results reveal that a tabular premium structure is preferred, with rates ranging from IDR 101 million to IDR 8,687 million per annual data breach coverage, base premium rate ranging from IDR 96 million to IDR 2,351 million per annual ransomware coverage, deductibles of IDR 15 million to IDR 7.5 billion, and policy limits of IDR 1.5 billion to IDR 75 billion. They are further adjusted by factors of the insured company’s annual revenue; business sector; level of cyber, network, and data security; and cyber loss experience. The study also discovers that the current existing product pricing may not be sufficient to cover the recent risk nature and should be heightened. Ethical concerns for ransomware coverage payment are necessary to be addressed chiefly through severe punishments by law. Through these research findings, insurance companies may be inspired to tap and expand into the cyber insurance business, while placing critical significance on claim experience monitoring once the product is in force.