| 1. |
- Franke, Ulrik, 1981-, et al.
(författare)
-
Observable Cyber Risk on Cournot Oligopoly Data Storage Markets
- 2020
-
Ingår i: Risks. - : MDPI. - 2227-9091. ; 8:4
-
Tidskriftsartikel (refereegranskat)abstract
- With the emergence of global digital service providers, concerns about digital oligopolies have increased, with a wide range of potentially harmful effects being discussed. One of these relates to cyber security, where it has been argued that market concentration can increase cyber risk. Such a state of affairs could have dire consequences for insurers and reinsurers, who underwrite cyber risk and are already very concerned about accumulation risk. Against this background, the paper develops some theory about how convex cyber risk affects Cournot oligopoly markets of data storage. It is demonstrated that with constant or increasing marginal production cost, the addition of increasing marginal cyber risk cost decreases the differences between the optimal numbers of records stored by the oligopolists, in effect offsetting the advantage of lower marginal production cost. Furthermore, based on the empirical literature on data breach cost, two possibilities are found: (i) that such cyber risk exhibits decreasing marginal cost in the number of records stored and (ii) the opposite possibility that such cyber risk instead exhibits increasing marginal cost in the number of records stored. The article is concluded with a discussion of the findings and some directions for future research.
|
|
| 2. |
- Barreto, Carlos, et al.
(författare)
-
Duopoly insurers’ incentives for data quality under a mandatory cyber data sharing regime
- 2023
-
Ingår i: Computers & security (Print). - : Elsevier Ltd. - 0167-4048 .- 1872-6208. ; 131
-
Tidskriftsartikel (refereegranskat)abstract
- We study the impact of data sharing policies on cyber insurance markets. These policies have been proposed to address the scarcity of data about cyber threats, which is essential to manage cyber risks. We propose a Cournot duopoly competition model in which two insurers choose the number of policies they offer (i.e., their production level) and also the resources they invest to ensure the quality of data regarding the cost of claims (i.e., the data quality of their production cost). We find that enacting mandatory data sharing sometimes creates situations in which at most one of the two insurers invests in data quality, whereas both insurers would invest when information sharing is not mandatory. This raises concerns about the merits of making data sharing mandatory.
|
|
| 3. |
- Borg, Markus, et al.
(författare)
-
Illuminating a Blind Spot in Digitalization - Software Development in Sweden's Private and Public Sector
- 2020
-
Ingår i: Proceedings - 2020 IEEE/ACM 42nd International Conference on Software Engineering Workshops, ICSEW 2020. - New York, NY, USA : Association for Computing Machinery, Inc. - 9781450379632 ; , s. 299-302
-
Konferensbidrag (refereegranskat)abstract
- As Netscape co-founder Marc Andreessen famously remarked in 2011, software is eating the world - becoming a pervasive invisible critical infrastructure. Data on the distribution of software use and development in society is scarce, but we compile results from two novel surveys to provide a fuller picture of the role software plays in the public and private sectors in Sweden, respectively. Three out of ten Swedish firms, across industry sectors, develop software in-house. The corresponding figure for Sweden's government agencies is four out of ten, i.e., the public sector should not be underestimated. The digitalization of society will continue, thus the demand for software developers will further increase. Many private firms report that the limited supply of software developers in Sweden is directly affecting their expansion plans. Based on our findings, we outline directions that need additional research to allow evidence-informed policy-making. We argue that such work should ideally be conducted by academic researchers and national statistics agencies in collaboration. © 2020 ACM.
|
|
| 4. |
- Dexe, Jacob, et al.
(författare)
-
An Empirical Investigation of the Right to Explanation Under GDPR in Insurance
- 2020
-
Ingår i: Trust, Privacy and Security in Digital Business : TrustBus 2020 - TrustBus 2020. - Cham : Springer International Publishing. - 9783030589851 - 9783030589868 ; 12395, s. 125-139, s. 125-139
-
Bokkapitel (refereegranskat)abstract
- The GDPR aims at strengthening the rights of data subjects and to build trust in the digital single market. This is manifested by the introduction of a new principle of transparency. It is, however, not obvious what this means in practice: What kind of answers can be expected to GDPR requests citing the right to “meaningful information”? This is the question addressed in this article. Seven insurance companies, representing 90–95% of the Swedish home insurance market, were asked by consumers to disclose information about how premiums are set. Results are presented first giving descriptive statistics, then characterizing the pricing information given, and lastly describing the procedural information offered by insurers as part of their answers. Overall, several different approaches to answering the request can be discerned, including different uses of examples, lists, descriptions of logic, legal basis as well as data related to the process of answering the requests. Results are analyzed in light of GDPR requirements. A number of potential improvements are identified—at least three responses are likely to fail the undue delay requirement. The article is concluded with a discussion about future work.
|
|
| 5. |
- Dexe, Jacob, et al.
(författare)
-
Explaining automated decision-making: a multinational study of the GDPR right to meaningful information
- 2022
-
Ingår i: Geneva papers on risk and insurance. Issues and practice. - : Springer Nature. - 1018-5895 .- 1468-0440.
-
Tidskriftsartikel (refereegranskat)abstract
- The General Data Protection Regulation (GDPR) establishes a right for individuals to get access to information about automated decision-making based on their personal data. However, the application of this right comes with caveats. This paper investigates how European insurance companies have navigated these obstacles. By recruiting volunteering insurance customers, requests for information about how insurance premiums are set were sent to 26 insurance companies in Denmark, Finland, The Netherlands, Poland and Sweden. Findings illustrate the practice of responding to GDPR information requests and the paper identifies possible explanations for shortcomings and omissions in the responses. The paper also adds to existing research by showing how the wordings in the different language versions of the GDPR could lead to different interpretations. Finally, the paper discusses what can reasonably be expected from explanations in consumer oriented information.
|
|
| 6. |
- Dexe, Jacob, et al.
(författare)
-
Transparency and insurance professionals : a study of Swedish insurance practice attitudes and future development
- 2021
-
Ingår i: Geneva papers on risk and insurance. Issues and practice. - : Springer Nature. - 1018-5895 .- 1468-0440. ; 46:4, s. 547-572
-
Tidskriftsartikel (refereegranskat)abstract
- The insurance industry is being challenged by increased adoption of automated decision-making. AI advances could conceivably automate everything: marketing, customer service, underwriting and claims management alike. However, such automation challenges consumer trust, as there is considerable public and scholarly debate over the ‘black box’ character of many algorithms. Insurance being a business of trust, this suggests a dilemma. One suggested solution involves adopting algorithms in a transparent manner. This article reports a study of how Swedish insurers deal with this dilemma, based on (i) eight interviews with insurance professionals representing four companies with a joint market share of 45–50% of the Swedish property insurance market and (ii) a questionnaire answered by 71 professionals in a Swedish insurance company. The results show that while transparency is seen as potentially valuable, most Swedish insurers do not use it to gain a competitive advantage or identify clear limits to transparency and are not using AI extensively.
|
|
| 7. |
- Fazlollahi, Ariyan, et al.
(författare)
-
Measuring the impact of enterprise integration on firm performance using data envelopment analysis
- 2018
-
Ingår i: International Journal of Production Economics. - : Elsevier BV. - 0925-5273 .- 1873-7579. ; 200, s. 119-129
-
Tidskriftsartikel (refereegranskat)abstract
- Today, with rapidly developing technology and changing business models, organizations face rapid changes in both internal and external environments. To be able to rapidly respond to such changing environments, integration of software systems has become a top priority for many organizations. However, despite extensive use of software systems integration, quantitative methods for estimating the business value of such integrations are still missing. Using Data Envelopment Analysis (DEA) and the microeconomic concept of marginal rates, this study proposes a method for quantifying the effects of enterprise integration on the firm performance. In the paper, we explain how DEA can be used to evaluate the marginal benefits of enterprise integration. Our proposed method is to measure and compare the productive efficiency of firms using enterprise integration, specifically by relating the benefits produced to the resources consumed in the process. The method is illustrated on data collected from 12 organizations. The defined method has a solid theoretical foundation, eliminating the need for a priori information about the relationship between different measures. Furthermore, the framework could be used not only to quantify the business value of enterprise integration, but also to estimate trade-offs and impacts of other subjective managerial goals on the results. The major limitation of the proposed method is the absence of a comprehensive theory relating IT architecture changes to organizational outcomes. The underlying model is strongly dependent on the relevancy and accuracy of the included variables, as well as number of data units, introducing uncertainties to the outcomes of the model.
|
|
| 8. |
- Franke, Ulrik, 1981-, et al.
(författare)
-
A survey of cyber security in the Swedish manufacturing industry
- 2020
-
Ingår i: 2020 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). - : IEEE. - 9781728166902
-
Konferensbidrag (refereegranskat)abstract
- In this paper we explore cyber security practices in Swedish manufacturing firms. Manufacturing is being transformed by new technologies under the label of smart industry or industry 4.0. Most of these technologies are either digital themselves or depend on digital connectivity. Their use is made possible by electronic sensors, actuators, and other devices as well as by data-driven analysis. This technological change entails a fundamental shift in risk and security as devices become interconnected, making information and control transmissible both within and to varying degree outside the firm's organization. These issues must be addressed to prevent both unintentional and intentional security incidents. Thus, there will be no smart industry without cyber security. Based on a sector-wide survey with 649 respondents (17% response rate) carried out in collaboration with the Association of Swedish Engineering Industries, we map risk perception and the controls put in place to address these risks across firms. We present three primary findings: (i) Compared to how firms value further investments in digitalization, risk perception related to cyber security issues is fairly low and business interruption is a greater cause for worry than data breach, (ii) there is a gap between the anticipated impact of digitalization and the perceived need for cyber security measures across business functions within firms, and (iii) the implementation of cyber security measures is still in its infancy with a significant bias towards technological measures, leaving organizational and social cyber security measures underrepresented. The paper is concluded with the identification of a few interesting follow-up questions for future work.
|
|
| 9. |
- Franke, Ulrik, 1981-
(författare)
-
Algorithmic Political Bias—an Entrenchment Concern
- 2022
-
Ingår i: Philosophy & Technology. - : Springer Science and Business Media B.V.. - 2210-5433 .- 2210-5441. ; 35:3
-
Tidskriftsartikel (refereegranskat)abstract
- This short commentary on Peters (Philosophy & Technology 35, 2022) identifies the entrenchment of political positions as one additional concern related to algorithmic political bias, beyond those identified by Peters. First, it is observed that the political positions detected and predicted by algorithms are typically contingent and largely explained by “political tribalism”, as argued by Brennan (2016). Second, following Hacking (1999), the social construction of political identities is analyzed and it is concluded that algorithmic political bias can contribute to such identities. Third, following Nozick (1989), it is argued that purist political positions may stand in the way of the pursuit of all worthy values and goals to be pursued in the political realm and that to the extent that algorithmic political bias entrenches political positions, it also hinders this healthy “zigzag of politics”. © 2022, The Author(s).
|
|
| 10. |
- Franke, Ulrik, 1981-
(författare)
-
Att utveckla och implementera cybersäkerhetspolicy : Lärdomar från den finansiella sektorn
- 2024
-
Ingår i: Statsvetenskaplig Tidskrift. - 0039-0747. ; 126:2, s. 251-272
-
Tidskriftsartikel (refereegranskat)abstract
- Modern society is increasingly dependent on digital services, making their dependability a top priority. But while there is a consensus that cybersecurity is important, there is no corresponding agreement on the true extent of the problem, the most effective countermeasures, or the proper division of labor and responsibilities. This makes cybersecurity policy very difficult. This article addresses this issue based on observations and experiences from a period of guest research at the Swedish Financial Supervisory Authority (Finansinspektionen), which made it possible to study how cybersecurity policy is developed and implemented in the Swedish financial sector. Observations include policy implementation challenges related to squaring different roles and perspectives mandated by different laws, and to collaboration between independent government authorities, but also policy development challenges: How can the full range of perspectives and tools be included in cybersecurity policy development? As Sweden now revises its cybersecurity policy, this is a key issue.
|
|
