Firewall Wizards mailing list archives

Re: Lloyds to offer hacker insurance

From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Tue, 28 Apr 1998 11:42:17 -0400 (EDT)

Adam Shostack wrote:

I'm very curious as to what people think of the idea of insurance for
infosec failures.  Will it encourage standards of due dilligence and
due care for the industry, the way bank insurance has driven bank
safes to be stronger and stronger?


I'm sure that it will, so it's a good thing. ...


Being aware of how the insurance industry's insidious coils have
affected other fields, I'm not so sure.  In the medical field, you can
see how on the one hand insurance causes doctors to do CYA testing that
might not normally be necessary, and on the other hand [managed care]
to not do things that would be beneficial but less profitable.  In many
other fields, and even in the Red Cross, many ideas are submitted to
and killed by "Risk Management", which is another name for "can we do
this without the insurance guys getting a gleam in their eyes" - or, in
some cases, it IS the insurance guys saying "how can we make sure we
never have to pay out."

Sorry, Marcus.  While I will admit the obvious benefits of a fair and
impartial insurance system, any more insurance companies are just
forcing people to do things in such a way that they (the insurance
companies) are all profit and no [or little] loss.

Not to mention - sort of an opposite gripe - in some cases insurance is
compelling or impelling people to do silly things, just because "the
insurance covers it."  Which is probably why the insurance companies
decided to try to take that kind of control ...

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
        PLEASE ... send or Cc: all "COSPO Computer Support" mail to
                        sys-adm () cospo osis gov
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

Current thread:

Lloyds to offer hacker insurance Adam Shostack (Apr 27)
- Re: Lloyds to offer hacker insurance Marcus J. Ranum (Apr 27)
  - Re: Lloyds to offer hacker insurance Paul D. Robertson (Apr 27)
  - Re: Lloyds to offer hacker insurance David Lang (Apr 28)
    - RE: Lloyds to offer hacker insurance Kevin Tyrrell (Apr 29)
    - RE: Lloyds to offer hacker insurance Randy Taylor (Apr 29)
  - Re: Lloyds to offer hacker insurance Joseph S. D. Yao (Apr 28)
- <Possible follow-ups>
- Re: Lloyds to offer hacker insurance Steve Bellovin (Apr 29)
- RE: Lloyds to offer hacker insurance Todd Radermacher (Apr 29)