Seguros informáticos
Autor(a) principal: | |
---|---|
Data de Publicação: | 2019 |
Tipo de documento: | Dissertação |
Idioma: | por |
Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Texto Completo: | http://hdl.handle.net/10362/66761 |
Resumo: | Cybercrime and informatic risk have become more and more frequent threats, targeting small and medium-sized enterprises, among others. From a perspective of risk prevention, risk transfer and security, this phenomenon is associated with the insurance market, as cyber-insurance will increase exponentially, as a result of the demand and need for greater protection. In this sense, the present dissertation aims to provide a risk analysis framework to be included in the initial evaluation for the design of a cyber insurance. To that end, we analyzed the evolutions and investigations that already exist in this area, highlighting analysis variables on cyber risk, and applying vulnerability / tolerance metrics on their respective operational dimensions. At the same time, we cross the legal aspects and more recent diplomas, such as the GDPR and the Security in Cyberspace Law, with the object study. During the development of this project, it will be verified that the framework created will not only function as an auxiliary tool to understand the risk profile and the most vulnerable points of a company, but also to respond to the phenomenon, from the conception and choice of a policy, until the final approval of the insurer and conclusion of a cyber insurance contract. It is also intended to explain how this structure is incorporated in the perspective of the company and the insurer, producing workflows of procedures and adapting questionnaires for this type of insurance. It is important that this type of information is always included in an application for cyber insurance, in the assessment, calculation and analysis of the risk, disclosing the pertinence of such conduct in order to avoid misfortunes that are so frequent in the insurance industry, when checking claims and technical expertise occur. It can be exploited by teams of experts and evaluators / auditors, by mediation bodies, insurance brokers and even security and / or consulting departments. |
id |
RCAP_f8b43c160c6c127cb8eaded0e17423b2 |
---|---|
oai_identifier_str |
oai:run.unl.pt:10362/66761 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
Seguros informáticoscontributos para uma framework de análise de risco a aplicar às ameaças emergentes no setor segurador e empresarial - esfera legal, alcance e potencialidadesseguros informáticossegurançacibercrimerisco informáticoapóliceempresasseguradorascyber-insurancesecuritycybercrimecyber-riskpolicyenterprisesinsurance companiesDireitoCybercrime and informatic risk have become more and more frequent threats, targeting small and medium-sized enterprises, among others. From a perspective of risk prevention, risk transfer and security, this phenomenon is associated with the insurance market, as cyber-insurance will increase exponentially, as a result of the demand and need for greater protection. In this sense, the present dissertation aims to provide a risk analysis framework to be included in the initial evaluation for the design of a cyber insurance. To that end, we analyzed the evolutions and investigations that already exist in this area, highlighting analysis variables on cyber risk, and applying vulnerability / tolerance metrics on their respective operational dimensions. At the same time, we cross the legal aspects and more recent diplomas, such as the GDPR and the Security in Cyberspace Law, with the object study. During the development of this project, it will be verified that the framework created will not only function as an auxiliary tool to understand the risk profile and the most vulnerable points of a company, but also to respond to the phenomenon, from the conception and choice of a policy, until the final approval of the insurer and conclusion of a cyber insurance contract. It is also intended to explain how this structure is incorporated in the perspective of the company and the insurer, producing workflows of procedures and adapting questionnaires for this type of insurance. It is important that this type of information is always included in an application for cyber insurance, in the assessment, calculation and analysis of the risk, disclosing the pertinence of such conduct in order to avoid misfortunes that are so frequent in the insurance industry, when checking claims and technical expertise occur. It can be exploited by teams of experts and evaluators / auditors, by mediation bodies, insurance brokers and even security and / or consulting departments.O cibercrime e o risco informático têm vindo a materializar-se sob a forma de ameaças cada vez mais frequentes e cujo alvo são, entre outras, pequenas e médias empresas. Numa ótica de segurança, prevenção e transferência de riscos, este fenómeno associa-se ao mercado segurador, na medida em que os seguros informáticos irão aumentar exponencialmente, fruto da procura e necessidade de uma maior proteção. Neste sentido, a presente dissertação tem como objetivo facultar uma framework de análise de risco a incorporar na avaliação inicial para a conceção de um seguro informático. Para tal, analisou-se as evoluções e investigações já existentes nesta matéria, destacando variáveis de análise sobre o risco informático, e aplicando métricas de vulnerabilidade/tolerância sobre as respetivas dimensões operacionais. Paralelamente, cruzam-se também os aspetos legais e mais recentes diplomas, como o RGPD e a Lei da Segurança no Ciberespaço, com a presente problemática. Durante o desenvolvimento deste ensaio, verifica-se que a framework criada não só funcionará como uma ferramenta auxiliar à compreensão do perfil de risco e dos pontos mais vulneráveis de uma empresa, como também permitirá dar uma resposta ao fenómeno, desde a conceção e escolha de apólices, até à aprovação final da seguradora e celebração de contrato de seguro informático. É ainda pretendido explanar de que forma esta estrutura se incorpora na ótica da empresa e da seguradora, produzindo-se workflows de procedimentos e adaptando questionários para este tipo de seguro. É importante que este tipo de informação seja sempre contemplada aquando de um pedido de seguro informático, na avaliação, cálculo e análise do risco, divulgando a pertinência de tal conduta de modo a evitar infortúnios que tão frequentes são na indústria seguradora, aquando da verificação de sinistros e peritagens técnicas. Pode vir a ser explorado por equipas de peritos e avaliadores/auditores, por entidades de mediação, corretoras de seguros e até departamentos de segurança e/ou consultoria.Fontes, JoséRUNFerreira, Carolina Rocha2020-04-10T00:30:54Z2019-04-102019-04-10T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/10362/66761TID:202214281porinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-03-11T04:31:44Zoai:run.unl.pt:10362/66761Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T03:34:33.673581Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
dc.title.none.fl_str_mv |
Seguros informáticos contributos para uma framework de análise de risco a aplicar às ameaças emergentes no setor segurador e empresarial - esfera legal, alcance e potencialidades |
title |
Seguros informáticos |
spellingShingle |
Seguros informáticos Ferreira, Carolina Rocha seguros informáticos segurança cibercrime risco informático apólice empresas seguradoras cyber-insurance security cybercrime cyber-risk policy enterprises insurance companies Direito |
title_short |
Seguros informáticos |
title_full |
Seguros informáticos |
title_fullStr |
Seguros informáticos |
title_full_unstemmed |
Seguros informáticos |
title_sort |
Seguros informáticos |
author |
Ferreira, Carolina Rocha |
author_facet |
Ferreira, Carolina Rocha |
author_role |
author |
dc.contributor.none.fl_str_mv |
Fontes, José RUN |
dc.contributor.author.fl_str_mv |
Ferreira, Carolina Rocha |
dc.subject.por.fl_str_mv |
seguros informáticos segurança cibercrime risco informático apólice empresas seguradoras cyber-insurance security cybercrime cyber-risk policy enterprises insurance companies Direito |
topic |
seguros informáticos segurança cibercrime risco informático apólice empresas seguradoras cyber-insurance security cybercrime cyber-risk policy enterprises insurance companies Direito |
description |
Cybercrime and informatic risk have become more and more frequent threats, targeting small and medium-sized enterprises, among others. From a perspective of risk prevention, risk transfer and security, this phenomenon is associated with the insurance market, as cyber-insurance will increase exponentially, as a result of the demand and need for greater protection. In this sense, the present dissertation aims to provide a risk analysis framework to be included in the initial evaluation for the design of a cyber insurance. To that end, we analyzed the evolutions and investigations that already exist in this area, highlighting analysis variables on cyber risk, and applying vulnerability / tolerance metrics on their respective operational dimensions. At the same time, we cross the legal aspects and more recent diplomas, such as the GDPR and the Security in Cyberspace Law, with the object study. During the development of this project, it will be verified that the framework created will not only function as an auxiliary tool to understand the risk profile and the most vulnerable points of a company, but also to respond to the phenomenon, from the conception and choice of a policy, until the final approval of the insurer and conclusion of a cyber insurance contract. It is also intended to explain how this structure is incorporated in the perspective of the company and the insurer, producing workflows of procedures and adapting questionnaires for this type of insurance. It is important that this type of information is always included in an application for cyber insurance, in the assessment, calculation and analysis of the risk, disclosing the pertinence of such conduct in order to avoid misfortunes that are so frequent in the insurance industry, when checking claims and technical expertise occur. It can be exploited by teams of experts and evaluators / auditors, by mediation bodies, insurance brokers and even security and / or consulting departments. |
publishDate |
2019 |
dc.date.none.fl_str_mv |
2019-04-10 2019-04-10T00:00:00Z 2020-04-10T00:30:54Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10362/66761 TID:202214281 |
url |
http://hdl.handle.net/10362/66761 |
identifier_str_mv |
TID:202214281 |
dc.language.iso.fl_str_mv |
por |
language |
por |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799137967277604864 |