Seguros informáticos

Detalhes bibliográficos
Autor(a) principal: Ferreira, Carolina Rocha
Data de Publicação: 2019
Tipo de documento: Dissertação
Idioma: por
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10362/66761
Resumo: Cybercrime and informatic risk have become more and more frequent threats, targeting small and medium-sized enterprises, among others. From a perspective of risk prevention, risk transfer and security, this phenomenon is associated with the insurance market, as cyber-insurance will increase exponentially, as a result of the demand and need for greater protection. In this sense, the present dissertation aims to provide a risk analysis framework to be included in the initial evaluation for the design of a cyber insurance. To that end, we analyzed the evolutions and investigations that already exist in this area, highlighting analysis variables on cyber risk, and applying vulnerability / tolerance metrics on their respective operational dimensions. At the same time, we cross the legal aspects and more recent diplomas, such as the GDPR and the Security in Cyberspace Law, with the object study. During the development of this project, it will be verified that the framework created will not only function as an auxiliary tool to understand the risk profile and the most vulnerable points of a company, but also to respond to the phenomenon, from the conception and choice of a policy, until the final approval of the insurer and conclusion of a cyber insurance contract. It is also intended to explain how this structure is incorporated in the perspective of the company and the insurer, producing workflows of procedures and adapting questionnaires for this type of insurance. It is important that this type of information is always included in an application for cyber insurance, in the assessment, calculation and analysis of the risk, disclosing the pertinence of such conduct in order to avoid misfortunes that are so frequent in the insurance industry, when checking claims and technical expertise occur. It can be exploited by teams of experts and evaluators / auditors, by mediation bodies, insurance brokers and even security and / or consulting departments.
id RCAP_f8b43c160c6c127cb8eaded0e17423b2
oai_identifier_str oai:run.unl.pt:10362/66761
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Seguros informáticoscontributos para uma framework de análise de risco a aplicar às ameaças emergentes no setor segurador e empresarial - esfera legal, alcance e potencialidadesseguros informáticossegurançacibercrimerisco informáticoapóliceempresasseguradorascyber-insurancesecuritycybercrimecyber-riskpolicyenterprisesinsurance companiesDireitoCybercrime and informatic risk have become more and more frequent threats, targeting small and medium-sized enterprises, among others. From a perspective of risk prevention, risk transfer and security, this phenomenon is associated with the insurance market, as cyber-insurance will increase exponentially, as a result of the demand and need for greater protection. In this sense, the present dissertation aims to provide a risk analysis framework to be included in the initial evaluation for the design of a cyber insurance. To that end, we analyzed the evolutions and investigations that already exist in this area, highlighting analysis variables on cyber risk, and applying vulnerability / tolerance metrics on their respective operational dimensions. At the same time, we cross the legal aspects and more recent diplomas, such as the GDPR and the Security in Cyberspace Law, with the object study. During the development of this project, it will be verified that the framework created will not only function as an auxiliary tool to understand the risk profile and the most vulnerable points of a company, but also to respond to the phenomenon, from the conception and choice of a policy, until the final approval of the insurer and conclusion of a cyber insurance contract. It is also intended to explain how this structure is incorporated in the perspective of the company and the insurer, producing workflows of procedures and adapting questionnaires for this type of insurance. It is important that this type of information is always included in an application for cyber insurance, in the assessment, calculation and analysis of the risk, disclosing the pertinence of such conduct in order to avoid misfortunes that are so frequent in the insurance industry, when checking claims and technical expertise occur. It can be exploited by teams of experts and evaluators / auditors, by mediation bodies, insurance brokers and even security and / or consulting departments.O cibercrime e o risco informático têm vindo a materializar-se sob a forma de ameaças cada vez mais frequentes e cujo alvo são, entre outras, pequenas e médias empresas. Numa ótica de segurança, prevenção e transferência de riscos, este fenómeno associa-se ao mercado segurador, na medida em que os seguros informáticos irão aumentar exponencialmente, fruto da procura e necessidade de uma maior proteção. Neste sentido, a presente dissertação tem como objetivo facultar uma framework de análise de risco a incorporar na avaliação inicial para a conceção de um seguro informático. Para tal, analisou-se as evoluções e investigações já existentes nesta matéria, destacando variáveis de análise sobre o risco informático, e aplicando métricas de vulnerabilidade/tolerância sobre as respetivas dimensões operacionais. Paralelamente, cruzam-se também os aspetos legais e mais recentes diplomas, como o RGPD e a Lei da Segurança no Ciberespaço, com a presente problemática. Durante o desenvolvimento deste ensaio, verifica-se que a framework criada não só funcionará como uma ferramenta auxiliar à compreensão do perfil de risco e dos pontos mais vulneráveis de uma empresa, como também permitirá dar uma resposta ao fenómeno, desde a conceção e escolha de apólices, até à aprovação final da seguradora e celebração de contrato de seguro informático. É ainda pretendido explanar de que forma esta estrutura se incorpora na ótica da empresa e da seguradora, produzindo-se workflows de procedimentos e adaptando questionários para este tipo de seguro. É importante que este tipo de informação seja sempre contemplada aquando de um pedido de seguro informático, na avaliação, cálculo e análise do risco, divulgando a pertinência de tal conduta de modo a evitar infortúnios que tão frequentes são na indústria seguradora, aquando da verificação de sinistros e peritagens técnicas. Pode vir a ser explorado por equipas de peritos e avaliadores/auditores, por entidades de mediação, corretoras de seguros e até departamentos de segurança e/ou consultoria.Fontes, JoséRUNFerreira, Carolina Rocha2020-04-10T00:30:54Z2019-04-102019-04-10T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/10362/66761TID:202214281porinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-03-11T04:31:44Zoai:run.unl.pt:10362/66761Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T03:34:33.673581Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Seguros informáticos
contributos para uma framework de análise de risco a aplicar às ameaças emergentes no setor segurador e empresarial - esfera legal, alcance e potencialidades
title Seguros informáticos
spellingShingle Seguros informáticos
Ferreira, Carolina Rocha
seguros informáticos
segurança
cibercrime
risco informático
apólice
empresas
seguradoras
cyber-insurance
security
cybercrime
cyber-risk
policy
enterprises
insurance companies
Direito
title_short Seguros informáticos
title_full Seguros informáticos
title_fullStr Seguros informáticos
title_full_unstemmed Seguros informáticos
title_sort Seguros informáticos
author Ferreira, Carolina Rocha
author_facet Ferreira, Carolina Rocha
author_role author
dc.contributor.none.fl_str_mv Fontes, José
RUN
dc.contributor.author.fl_str_mv Ferreira, Carolina Rocha
dc.subject.por.fl_str_mv seguros informáticos
segurança
cibercrime
risco informático
apólice
empresas
seguradoras
cyber-insurance
security
cybercrime
cyber-risk
policy
enterprises
insurance companies
Direito
topic seguros informáticos
segurança
cibercrime
risco informático
apólice
empresas
seguradoras
cyber-insurance
security
cybercrime
cyber-risk
policy
enterprises
insurance companies
Direito
description Cybercrime and informatic risk have become more and more frequent threats, targeting small and medium-sized enterprises, among others. From a perspective of risk prevention, risk transfer and security, this phenomenon is associated with the insurance market, as cyber-insurance will increase exponentially, as a result of the demand and need for greater protection. In this sense, the present dissertation aims to provide a risk analysis framework to be included in the initial evaluation for the design of a cyber insurance. To that end, we analyzed the evolutions and investigations that already exist in this area, highlighting analysis variables on cyber risk, and applying vulnerability / tolerance metrics on their respective operational dimensions. At the same time, we cross the legal aspects and more recent diplomas, such as the GDPR and the Security in Cyberspace Law, with the object study. During the development of this project, it will be verified that the framework created will not only function as an auxiliary tool to understand the risk profile and the most vulnerable points of a company, but also to respond to the phenomenon, from the conception and choice of a policy, until the final approval of the insurer and conclusion of a cyber insurance contract. It is also intended to explain how this structure is incorporated in the perspective of the company and the insurer, producing workflows of procedures and adapting questionnaires for this type of insurance. It is important that this type of information is always included in an application for cyber insurance, in the assessment, calculation and analysis of the risk, disclosing the pertinence of such conduct in order to avoid misfortunes that are so frequent in the insurance industry, when checking claims and technical expertise occur. It can be exploited by teams of experts and evaluators / auditors, by mediation bodies, insurance brokers and even security and / or consulting departments.
publishDate 2019
dc.date.none.fl_str_mv 2019-04-10
2019-04-10T00:00:00Z
2020-04-10T00:30:54Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10362/66761
TID:202214281
url http://hdl.handle.net/10362/66761
identifier_str_mv TID:202214281
dc.language.iso.fl_str_mv por
language por
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799137967277604864

Registros relacionados