IREK – AESM: Institutional Repository of Economic Knowledge
Cyber Insurance: International Standards and Practices
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Belinschi, Ghenadie
|
|
| dc.date.accessioned | 2026-05-22T08:09:52Z | |
| dc.date.available | 2026-05-22T08:09:52Z | |
| dc.date.issued | 2026 | |
| dc.identifier.issn | 3100-5527 | |
| dc.identifier.uri | https://irek.ase.md:443/xmlui/handle/123456789/4975 | |
| dc.description | BELINSCHI, Ghenadie. Cyber Insurance: International Standards and Practices. Online. In: Proceedings of the 29th International Scientific Conference Competitiveness and Innovation in the Knowledge Economy, Chișinău, Moldova, September 26-27, 2025. București: Editura ASE, 2026, pp. 515-521. ISSN 3100-5527. Disponibil: https://doi.org/10.24818/cike2025.63 | en_US |
| dc.description.abstract | Access risks have become a central factor in digital and operational resilience. This paper examines how unauthorized access – physical, digital, and organizational – can precipitate to systemic losses in maritime heavy cargo logistics, where information technology (IT) and operational technology (OT) are tightly coupled. Case studies, such as Transnet (South Africa, 2021) and Nagoya Port (Japan, 2023), illustrate the economic impact of compromised access controls, ranging from crane downtime to full port disruption. The study provides a taxonomy of access risks, including unauthorized physical entry, compromise of OT systems, remote intrusions, supply-chain access, Internet-of-Things (IoT) exposure, and insider threats. International standards such as IMO MSC.428(98), BIMCO guidelines, IACS UR E26/E27, the NIST Cybersecurity Framework, ISO/IEC 27001, and IEC 62443 are reviewed as frameworks that define baseline security requirements and influence insurability. These standards converge on the premise that measurable and auditable controls are essential for sustainable insurance coverage. A proposed insurance model defines coverage scope (first-party and third-party losses), minimum entry requirements (e.g., multi-factor authentication (MFA) for privileged access, IT/OT network segmentation, offline backups), and maturity zones (green, mixed, red) that calibrate premiums and coverage limits. The model introduces measurable indicators such as time to revoke user rights, orphan accounts, RBAC drift, and traceability of PDP/PEP actions. Incentive mechanisms (tariff adjustments, deductibles, limits, warranties, and parametric triggers) align insurer and insured behavior around these metrics. By linking engineering-level access controls with actuarial and underwriting practices, the research bridges a persistent gap between cybersecurity management and risk transfer. The findings emphasize that effective insurance of access-related risks requires transparent metrics, adherence international standards, and collaborative monitoring practices. In conclusion, access insurance is not merely a financial buffer but a governance instrument, that supports operational continuity and strengthens accountability in the maritime logistics sector. JEL: G22, K32, L92 | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | ASE | en_US |
| dc.subject | access risks | en_US |
| dc.subject | maritime logistics | en_US |
| dc.subject | cyber insurance | en_US |
| dc.subject | information security | en_US |
| dc.subject | risk management | en_US |
| dc.title | Cyber Insurance: International Standards and Practices | en_US |
| dc.type | Article | en_US |
