Research output

The law and economics of cyber risk pooling

Research output: Contribution to journalArticleAcademicpeer-review

Associated researcher

Associated organisations


In this paper, we study the law and economics of cyber risk pooling arrangements: risk sharing without an insurer. We start our discussion with the current theoretical foundations for risk shifting in cyber security. We subsequently discuss cyber risk pooling in relation to individual risk management and cyber insurance. This leads to the formulation of conditions for effective risk pooling in cyber security. We show that pooling, under some circumstances, may be more effective than cyber insurance. The main question for future research is whether risk pools in cyber security are capable of compartmentalization of risks and whether transaction costs of monitoring can be kept sufficiently low.

    Research areas

  • risk pools, risk sharing, cyber security, mutual insurance
View graph of relations


Original languageEnglish
Pages (from-to)923-963
JournalNYU Journal of Law & Business
Issue number3
Publication statusPublished - 2018