The influence of optimism bias and loss aversion of cyber risk management decisions
Published 04 September, 2024
We are excited to announce the publication of the first article on the KeAi journal, Risk Sciences, by renowned experts on cyber risk management, Martin Eling from University of St. Gallen and Kwangmin Jung from Pohang University of Science and Technology.
The research article explores the influence of optimism bias on decision-making in cyber risk management, and introduces a novel model that integrates utility loss aversion — a previously unexplored factor in this context. The study finds that decision-makers who have self-protection as their primary reference point tend to underinvest in additional cyber risk management measures, providing support for the optimism bias observed in the cyber-insurance market. Additionally, individuals with higher levels of loss aversion demonstrate a reluctance to invest in supplementary cyber risk mitigation strategies.
Taken together, these findings offer an explanation for the low demand for cyber-insurance. This lack of investment not only affects corporate risk management strategies, but also has broader consequences for public policy and the management of systemic cyber risks that can have substantial economic and societal impacts. By introducing the concept of utility loss aversion, the study sheds light on the cognitive underpinnings that drive decision-making in cyber risk management, providing valuable insights for policymakers, businesses and individuals alike.
Contact author:
Kwangmin Jung, Department of Industrial and Management Engineering, POSTECH, South Korea. Email: kwjung@postech.ac.kr
Conflict of interest:
The author Martin Eling is an Editorial Board Member for Risk Sciences and was not involved in the editorial review or the decision to publish this article. The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
See the article:
Eling M., Jung K., Optimism bias and its impact on cyber risk management decisions, Risk Sciences, Volume 1, 2024, 100001, https://doi.org/10.1016/j.risk.2024.100001.