ORCID
https://orcid.org/0009-0009-4190-8262
Date of Award
Fall 2025
Language
English
Embargo Period
8-5-2026
Document Type
Dissertation
Degree Name
Doctor of Philosophy (PhD)
College/School/Department
Department of Information Science and Technology
Program
Information Science
First Advisor
Kimberly A. Cornell
Committee Members
Omer Keskin, C. Ariel Pinto, Unal Tatar
Keywords
Ransomware Attacks, Cyber Risk Management, Cyber Insurance, NIST Cybersecurity Framework, Quantitative Modeling, Organizational Resilience
Subject Categories
Business Analytics | Business Intelligence | Cybersecurity | Data Science | Information Security | Insurance | Management Sciences and Quantitative Methods | Risk Analysis | Statistical Methodology | Statistical Models
Abstract
The increasing frequency and severity of ransomware attacks pose significant challenges for organizational cybersecurity. Fragmentation across disciplines in cyber defense has created practical gaps in the development of the capabilities needed to address rapidly evolving cyber threats. This study explores the impact of ransomware attacks and the evolving role of cyber insurance as a proactive cybersecurity partner. Bridging the gap between actuarial science and cyber risk management, it proposes an interdisciplinary framework that quantifies the impact of ransomware and integrates cyber insurance into cybersecurity strategies.
The primary contribution of this study is methodological. We present a framework that remains applicable and adaptable as more recent ransomware incident data becomes available. Future researchers can use this framework to analyze fast-evolving ransomware risks and mitigation strategies.
Drawing on a filtered dataset of ransomware incidents from the Advisen Cyber Loss Database (2018–2020), the study employs a generalized linear model (GLM) with Gamma regression to examine the impact of vulnerability, technology, settlement length, and external connection on expected financial losses. Bootstrapping is used to assess the robustness of the model. Findings reveal that these socio-technical factors significantly shape the severity of ransomware losses, highlighting the importance of carefully designed mitigation strategies.
The research further develops a matrix-based framework aligned with the NIST Cybersecurity Framework, mapping pre-incident and post-incident cyber insurance services to each of the five risk management functions (Identify, Protect, Detect, Respond, and Recover). This integration highlights cyber insurance as a provider of expert services that enhance resilience and reduce vulnerability for organizations.
This study contributes to both theory and practice by providing a quantitative basis for ransomware risk assessment and offering valuable insights into the potential of cyber insurance as an integral component of cybersecurity governance. It concludes with policy and managerial recommendations, outlining future research directions that involve AI-enhanced risk modeling and qualitative investigations of organizational dynamics in ransomware response.
License
This work is licensed under the University at Albany Standard Author Agreement.
Recommended Citation
Huang, Li, "Safeguard Cyberspace in Ransomware Era: Risk Analysis & Cyber Insurance" (2025). Electronic Theses & Dissertations (2024 - present). 295.
https://scholarsarchive.library.albany.edu/etd/295