The cyber-insurance market in Norway
Information and Computer Security
ISSN: 2056-4961
Article publication date: 22 October 2019
Issue publication date: 3 April 2020
Abstract
Purpose
This paper aims to describe the cyber-insurance market in Norway but offers conclusions that are interesting to a wider audience.
Design/methodology/approach
The study is based on semi-structured interviews with supply-side actors: six general insurance companies, one marine insurance company and two insurance intermediaries.
Findings
The Norwegian cyber-insurance market supply-side has grown significantly in the past two years. The General Data Protection Regulation (GDPR) is found to have had a modest effect on the market so far but has been used by the supply-side as an icebreaker to discuss cyber-insurance with customers. The NIS Directive has had little or no impact on the Norwegian cyber-insurance market until now. Informants also indicate that Norway is still the least mature of the four Nordic markets.
Practical implications
Some policy lessons for different stakeholders are identified.
Originality/value
Empirical investigation of cyber-insurance is still rare, and the paper offers original insights on market composition and actor motivations, ambiguity of coverage, the NIS Directive and GDPR.
Keywords
Acknowledgements
The authors would like to thank all informants for agreeing to be interviewed and for generously sharing their insights. U. Franke was supported by the Swedish Civil Contingencies Agency, MSB, agreement no. 2015-6986.
Citation
Bahşi, H., Franke, U. and Friberg, E.L. (2020), "The cyber-insurance market in Norway", Information and Computer Security, Vol. 28 No. 1, pp. 54-67. https://doi.org/10.1108/ICS-01-2019-0012
Publisher
:Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited