Cyber Insurance and the Management of Information Security Risk
There is no business endeavor with profit motive, yet without attendant risks. Businesses must face risk in their pursuit of return on investment. Risk as opposed to uncertainty is more manageable -- often we are able to ascribe an informed mathematical probability on its realization, and assign an expect value of the concomitant loss. The particular type of risk that we discuss here concerns utilization of information assets in businesses and the risks arising thereof -- the information security risks or cyber risks.
Bandyopadhyay, Tridib. "Cyber Insurance and the Management of Information Security Risk." Readings and Cases in Information Security: Law and Ethics. Eds. Michael E. Whitman and Herbert J. Mattord. Boston: Course Technology, 2011. 75-84.