FlipIn: A Game-Theoretic Cyber Insurance Framework for Incentive-Compatible Cyber Risk Management of Internet of Things

Internet of Things (IoT) is highly vulnerable to emerging Advanced Persistent Threats (APTs) that are often operated by well-resourced adversaries. Achieving perfect security for IoT networks is often cost-prohibitive if not impossible. Cyber insurance is a valuable mechanism to mitigate cyber risks for IoT systems. In this work, we propose a bi-level game-theoretic framework called FlipIn to design incentive-compatible and welfare-maximizing cyber insurance contracts. The framework captures the strategic interactions among APT attackers, IoT defenders, and cyber insurance insurers, and incorporates influence networks to assess the systemic cyber risks of interconnected IoT devices. The FlipIn framework formulates a game over networks within a principal-agent problem of moral-hazard type to design a cyber risk-aware insurance contract. We completely characterize the equilibrium solutions of the bi-level games for a network of distributed defenders and a semi-homogeneous centralized defender and show that the optimal insurance contracts cover half of the defenders' losses. Our framework predicts the risk compensation of defenders and the Peltzman effect of insurance. We study a centralized security management scenario and its decentralized counterpart, and leverage numerical experiments to show that network connectivity plays an important role in the security of the IoT devices and the insurability of both distributed and centralized defenders.