{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T15:57:00Z","timestamp":1769270220267,"version":"3.49.0"},"reference-count":106,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2021,5,25]],"date-time":"2021-05-25T00:00:00Z","timestamp":1621900800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS 1616575"],"award-info":[{"award-number":["CNS 1616575"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Manage. Inf. Syst."],"published-print":{"date-parts":[[2021,6,30]]},"abstract":"\n Service liability interconnections among networked IT and IoT-driven service organizations create potential channels for cascading service disruptions due to modern cybercrimes such as DDoS, APT, and ransomware attacks. These attacks are known to inflict cascading catastrophic service disruptions worth billions of dollars across organizations and critical infrastructure around the globe. Cyber-insurance is a risk management mechanism that is gaining increasing industry popularity to cover client (organization) risks after a cyber-attack. However, there is a certain likelihood that the nature of a successful attack is of such magnitude that an organizational client\u2019s insurance provider is not able to cover the multi-party aggregate losses incurred upon itself by its clients and their descendants in the supply chain, thereby needing to re-insure itself via other cyber-insurance firms. To this end, one question worth investigating in the first place is\n whether an ecosystem comprising a set of profit-minded cyber-insurance companies, each capable of providing re-insurance services for a service-networked IT environment, is economically feasible to cover the aggregate cyber-losses arising due to a cyber-attack.<\/jats:italic>\n Our study focuses on an empirically interesting case of\n extreme heavy tailed cyber-risk distributions<\/jats:italic>\n that might be presenting themselves to cyber-insurance firms in the modern Internet age in the form of catastrophic service disruptions, and could be a possible standard risk distribution to deal with in the near IoT age. Surprisingly, as a negative result for society in the event of such catastrophes,\n we prove via a game-theoretic analysis<\/jats:italic>\n that it\n may not be economically incentive compatible<\/jats:italic>\n ,\n even under i.i.d. statistical conditions<\/jats:bold>\n on\n catastrophic<\/jats:bold>\n cyber-risk distributions, for limited liability-taking risk-averse cyber-insurance companies to offer cyber re-insurance solutions\n despite the existence of large enough market capacity to achieve full cyber-risk sharing.<\/jats:italic>\n However, our analysis\n theoretically endorses<\/jats:italic>\n the popular opinion that\n spreading i.i.d. cyber-risks<\/jats:bold>\n that are\n not catastrophic<\/jats:bold>\n is an effective practice for aggregate cyber-risk managers, a result established theoretically and empirically in the past. A failure to achieve a working re-insurance market in critically demanding situations after catastrophic cyber-risk events strongly calls for centralized government regulatory action\/intervention to promote risk sharing through re-insurance activities for the benefit of service-networked societies in the IoT age.\n <\/jats:p>","DOI":"10.1145\/3446635","type":"journal-article","created":{"date-parts":[[2021,5,25]],"date-time":"2021-05-25T12:55:51Z","timestamp":1621947351000},"page":"1-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Will Catastrophic Cyber-Risk Aggregation Thrive in the IoT Age? A Cautionary Economics Tale for (Re-)Insurers and Likes"],"prefix":"10.1145","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2791-4606","authenticated-orcid":false,"given":"Ranjan","family":"Pal","sequence":"first","affiliation":[{"name":"University of Michigan, Ann Arbor, Michigan, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ziyuan","family":"Huang","sequence":"additional","affiliation":[{"name":"University of Michigan, Ann Arbor, Michigan, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sergey","family":"Lototsky","sequence":"additional","affiliation":[{"name":"University of Southern California, Los Angeles, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xinlong","family":"Yin","sequence":"additional","affiliation":[{"name":"University of Michigan, Ann Arbor, Michigan, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mingyan","family":"Liu","sequence":"additional","affiliation":[{"name":"University of Michigan, Ann Arbor, Michigan, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jon","family":"Crowcroft","sequence":"additional","affiliation":[{"name":"University of Cambridge, UK, Alan Turing Institute, Cambridge, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nishanth","family":"Sastry","sequence":"additional","affiliation":[{"name":"University of Surrey, UK, King\u2019s College London, Guildford, Surrey, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Swades","family":"De","sequence":"additional","affiliation":[{"name":"Indian Institute of Technology Delhi, Hauz Khas, New Delhi, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bodhibrata","family":"Nag","sequence":"additional","affiliation":[{"name":"Indian Institute of Management Calcutta, Kolkata, India"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,5,25]]},"reference":[{"key":"e_1_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-4266(02)00281-9"},{"key":"e_1_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1086\/262109"},{"key":"e_1_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1098\/rsta.2009.0027"},{"key":"e_1_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1111\/1467-9965.00068"},{"key":"e_1_2_2_5_1","unstructured":"Robert B. Ash B. Robert Catherine A. Doleans-Dade and A. Catherine. 2000. Probability and Measure Theory. Academic Press."},{"key":"e_1_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/0035-5054(93)90023-V"},{"key":"e_1_2_2_7_1","unstructured":"Richard S. Betterley. 2017. Cyber\/privacy insurance market survey. The Betterley Report."},{"key":"e_1_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1057\/gpp.2014.19"},{"key":"e_1_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/FOCS.2011.38"},{"key":"e_1_2_2_10_1","volume-title":"WEIS","volume":"2","author":"B\u00f6hme Rainer","year":"2006","unstructured":"Rainer B\u00f6hme and Gaurav Kataria. 2006. Models and measures for correlation in cyber-insurance. In WEIS, Vol. 2. 3 pages."},{"key":"e_1_2_2_11_1","first-page":"161","article-title":"A fundamental approach to cyber risk analysis","volume":"12","author":"B\u00f6hme Rainer","year":"2019","unstructured":"Rainer B\u00f6hme, Stefan Laube, and Markus Riek. 2019. A fundamental approach to cyber risk analysis. Variance 12, 2 (2019), 161--185.","journal-title":"Variance"},{"key":"e_1_2_2_12_1","volume-title":"et\u00a0al","author":"B\u00f6hme Rainer","year":"2010","unstructured":"Rainer B\u00f6hme, Galina Schwartz, et\u00a0al. 2010. Modeling cyber-insurance: Towards a unifying framework. In WEIS."},{"key":"e_1_2_2_13_1","volume-title":"Uppaluri Siva Ramachandra Murty, et\u00a0al","author":"Bondy John Adrian","year":"1976","unstructured":"John Adrian Bondy, Uppaluri Siva Ramachandra Murty, et\u00a0al. 1976. Graph Theory with Applications. Vol. 290. Macmillan London."},{"key":"e_1_2_2_14_1","volume-title":"Theory of Financial Risk and Derivative Pricing: From Statistical Physics to Risk Management","author":"Bouchaud Jean-Philippe","unstructured":"Jean-Philippe Bouchaud and Marc Potters. 2003. Theory of Financial Risk and Derivative Pricing: From Statistical Physics to Risk Management. Cambridge University Press."},{"key":"e_1_2_2_15_1","volume-title":"Convex Optimization","author":"Boyd Stephen","unstructured":"Stephen Boyd and Lieven Vandenberghe. 2004. Convex Optimization. Cambridge University Press."},{"key":"e_1_2_2_16_1","volume-title":"The government as reinsurer of catastrophe risks?Geneva Papers on Risk and Insurance-Issues and Practice 35, 3","author":"Bruggeman V\u00e9ronique","year":"2010","unstructured":"V\u00e9ronique Bruggeman, Michael G. Faure, and Karine Fiore. 2010. The government as reinsurer of catastrophe risks?Geneva Papers on Risk and Insurance-Issues and Practice 35, 3 (2010), 369\u2013390."},{"key":"e_1_2_2_17_1","first-page":"92","article-title":"An executive\u2019s guide to the Internet of Things","volume":"4","author":"Bughin Jacques","year":"2015","unstructured":"Jacques Bughin, Michael Chui, and James Manyika. 2015. An executive\u2019s guide to the Internet of Things. McKinsey Quarterly 4 (2015), 92\u2013101.","journal-title":"McKinsey Quarterly"},{"key":"e_1_2_2_18_1","first-page":"24","article-title":"IT doesn\u2019t matter","volume":"38","author":"Carr Nicholas G.","year":"2003","unstructured":"Nicholas G. Carr. 2003. IT doesn\u2019t matter. Educause Review 38 (2003), 24\u201338.","journal-title":"Educause Review"},{"key":"e_1_2_2_19_1","unstructured":"Robert L. Carter. 2013. Reinsurance. Springer Science & Business Media."},{"key":"e_1_2_2_20_1","volume-title":"The hackers holding hospitals to ransom. BMJ: British Medical Journal (Online) 357","author":"Chinthapalli Krishna","year":"2017","unstructured":"Krishna Chinthapalli. 2017. The hackers holding hospitals to ransom. BMJ: British Medical Journal (Online) 357 (2017)."},{"key":"e_1_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/PL00012580"},{"key":"e_1_2_2_22_1","volume-title":"Solving Cyber Risk: Protecting Your Company and Society","author":"Coburn Andrew","unstructured":"Andrew Coburn, Eireann Leverett, and Gordon Woo. 2018. Solving Cyber Risk: Protecting Your Company and Society. Wiley."},{"key":"e_1_2_2_23_1","unstructured":"Wikipedia Contributors. 2018. 2007 cyberattacks on Estonia. Wikipedia."},{"key":"e_1_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jbankfin.2006.01.008"},{"key":"e_1_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00019"},{"key":"e_1_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.2307\/2298061"},{"key":"e_1_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyw003"},{"key":"e_1_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ejor.2018.07.021"},{"key":"e_1_2_2_30_1","volume-title":"Modelling Extremal Events: For Insurance and Finance","author":"Embrechts Paul","unstructured":"Paul Embrechts, Claudia Kl\u00fcppelberg, and Thomas Mikosch. 2013. Modelling Extremal Events: For Insurance and Finance. Vol. 33. Springer Science & Business Media."},{"key":"e_1_2_2_31_1","volume-title":"Correlation and dependence in risk management: Properties and pitfalls. Risk Management: Value at Risk and Beyond 1","author":"Embrechts Paul","year":"2002","unstructured":"Paul Embrechts, Alexander McNeil, and Daniel Straumann. 2002. Correlation and dependence in risk management: Properties and pitfalls. Risk Management: Value at Risk and Beyond 1 (2002), 176\u2013223."},{"key":"e_1_2_2_32_1","volume-title":"Statistical Distributions","author":"Forbes Catherine","unstructured":"Catherine Forbes, Merran Evans, Nicholas Hastings, and Brian Peacock. 2011. Statistical Distributions. John Wiley & Sons."},{"key":"e_1_2_2_33_1","volume-title":"Systemic risk, interbank relations, and liquidity provision by the central bank. Journal of Money, Credit and Banking","author":"Freixas Xavier","year":"2000","unstructured":"Xavier Freixas, Bruno M. Parigi, and Jean-Charles Rochet. 2000. Systemic risk, interbank relations, and liquidity provision by the central bank. Journal of Money, Credit and Banking (2000), 611\u2013638."},{"key":"e_1_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1111\/j.1540-6261.1993.tb05123.x"},{"key":"e_1_2_2_35_1","volume-title":"Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences. The Royal Society, rspa20090410","author":"Gai Prasanna","year":"2010","unstructured":"Prasanna Gai and Sujit Kapadia. 2010. Contagion in financial networks. In Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences. The Royal Society, rspa20090410."},{"key":"e_1_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2005.1498374"},{"key":"e_1_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1086\/226707"},{"key":"e_1_2_2_38_1","unstructured":"Andy Greenberg. 2017. How an entire nation became Russia\u2019s test lab for cyberwar."},{"key":"e_1_2_2_39_1","volume-title":"The Untold Story of NotPetya, the Most Devastating Cyberattack in History","author":"Greenberg Andy","unstructured":"Andy Greenberg. 2018. The Untold Story of NotPetya, the Most Devastating Cyberattack in History. Vol. 22."},{"key":"e_1_2_2_40_1","unstructured":"Steve Grobman. 2018. When nation-states hack the private sector for intellectual property. The Hill."},{"key":"e_1_2_2_41_1","unstructured":"Kat Hall. 2017. UK hospital meltdown after ransomware worm uses NSA vuln to raid IT."},{"key":"e_1_2_2_42_1","first-page":"7","article-title":"Copula-based actuarial model for pricing cyber-insurance policies","volume":"2","author":"Herath Hemantha","year":"2011","unstructured":"Hemantha Herath and Tejaswini Herath. 2011. Copula-based actuarial model for pricing cyber-insurance policies. Insurance Markets and Companies: Analyses and Actuarial Computations 2, 1 (2011), 7\u201320.","journal-title":"Insurance Markets and Companies: Analyses and Actuarial Computations"},{"key":"e_1_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10713-007-0004-2"},{"key":"e_1_2_2_44_1","unstructured":"Glyn A. Holton. 2003. Value-at-Risk. Academic Press."},{"key":"e_1_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1080\/14697680802629384"},{"key":"e_1_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1093\/rfs\/hhn021"},{"key":"e_1_2_2_47_1","unstructured":"Risk Management Solutions Inc. 2016. Managing Cyber Insurance Accumulation Risk."},{"key":"e_1_2_2_48_1","doi-asserted-by":"crossref","unstructured":"B. Johnson R. Bohme and J. Grossklags. 2011. Security games with market insurance. In GameSec.","DOI":"10.1007\/978-3-642-25280-8_11"},{"key":"e_1_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.1111\/j.1539-6975.2013.12007.x"},{"key":"e_1_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2812205"},{"key":"e_1_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(17)30050-7"},{"key":"e_1_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2015.2408598"},{"key":"e_1_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSE.2018.2805720"},{"key":"e_1_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSE.2017.2738843"},{"key":"e_1_2_2_55_1","volume-title":"Internet: The case for insurance","author":"Lelarge M.","year":"2009","unstructured":"M. Lelarge and J. Bolot. 2009a. Economic incentives to increase security in the Internet: The case for insurance. In IEEE INFOCOM."},{"key":"e_1_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2009.5062066"},{"key":"e_1_2_2_57_1","unstructured":"Mark Li. 2018. SCOR paper. (2018)."},{"key":"e_1_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1140\/epjb\/e2009-00347-4"},{"key":"e_1_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1140\/epjb\/e2010-00120-8"},{"key":"e_1_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.1214\/aos\/1176342873"},{"key":"e_1_2_2_61_1","volume-title":"Arnold","author":"Marshall Albert W.","year":"1979","unstructured":"Albert W. Marshall, Ingram Olkin, and Barry C. Arnold. 1979. Inequalities: Theory of Majorization and Its Applications. Vol. 143. Springer."},{"key":"e_1_2_2_62_1","volume-title":"Game Theory","author":"Maschler Michael Solan Eilan","unstructured":"Solan Eilan Maschler Michael, and Zamir Shmuel. 2013. Game Theory, Vol. 979. pp. xxvi. Cambridge University Press."},{"key":"e_1_2_2_63_1","volume-title":"et\u00a0al","author":"McNeil Alexander J.","year":"2015","unstructured":"Alexander J. McNeil, R\u00fcdiger Frey, Paul Embrechts, et\u00a0al. 2015. Quantitative risk management: Concepts. Economics Books (2015)."},{"key":"e_1_2_2_64_1","unstructured":"Pascal Millaire. 2016. 3 reasons why the insurance industry will never be the same after the Mirai DDoS attack."},{"key":"e_1_2_2_65_1","doi-asserted-by":"publisher","DOI":"10.1002\/rsa.3240060204"},{"key":"e_1_2_2_66_1","doi-asserted-by":"publisher","DOI":"10.1017\/S0963548398003526"},{"key":"e_1_2_2_67_1","volume-title":"Business Innovation through Blockchain","author":"Morabito Vincenzo","unstructured":"Vincenzo Morabito. 2017. The security of blockchain systems. In Business Innovation through Blockchain. Springer, 61\u201378."},{"key":"e_1_2_2_68_1","doi-asserted-by":"publisher","DOI":"10.1111\/1467-937X.00121"},{"key":"e_1_2_2_69_1","doi-asserted-by":"publisher","DOI":"10.5555\/2747904.2748212"},{"key":"e_1_2_2_70_1","volume-title":"Workshop on the Economics of Information Security (WEIS\u201914)","author":"Naghizadeh Parinaz","year":"2014","unstructured":"Parinaz Naghizadeh and Mingyan Liu. 2014. Voluntary participation in cyber-insurance markets. In Workshop on the Economics of Information Security (WEIS\u201914)."},{"key":"e_1_2_2_71_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2016.7524353"},{"key":"e_1_2_2_72_1","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.64.026118"},{"key":"e_1_2_2_73_1","unstructured":"Oracle. 2019. The impact of emerging technology on CX excellence. Oracle Report."},{"key":"e_1_2_2_74_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2010.79"},{"key":"e_1_2_2_75_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25280-8_12"},{"key":"e_1_2_2_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/3351158"},{"key":"e_1_2_2_77_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2014.6847944"},{"key":"e_1_2_2_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2684801"},{"key":"e_1_2_2_79_1","doi-asserted-by":"publisher","DOI":"10.1145\/3273996.3273999"},{"key":"e_1_2_2_80_1","doi-asserted-by":"publisher","DOI":"10.1109\/WSC48552.2020.9384103"},{"key":"e_1_2_2_81_1","doi-asserted-by":"publisher","DOI":"10.5555\/3466184.3466541"},{"key":"e_1_2_2_82_1","volume-title":"Aggregate cyber-risk management in the IoT age: Cautionary statistics for (re) insurers and likes","author":"Pal Ranjan","year":"2020","unstructured":"Ranjan Pal, Ziyuan Huang, Xinlong Yin, Sergey Lototsky, Swades De, Sasu Tarkoma, Mingyan Liu, Jon Crowcroft, and Nishanth Sastry. 2020c. Aggregate cyber-risk management in the IoT age: Cautionary statistics for (re) insurers and likes. IEEE Internet of Things Journal (2020)."},{"key":"e_1_2_2_83_1","doi-asserted-by":"publisher","DOI":"10.1145\/3386159"},{"key":"e_1_2_2_84_1","doi-asserted-by":"publisher","DOI":"10.1080\/02664763.2018.1436701"},{"key":"e_1_2_2_85_1","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177699798"},{"key":"e_1_2_2_86_1","volume-title":"double that of","author":"DeNisco Rayome Alison","year":"2016","unstructured":"Alison DeNisco Rayome. 2017. 33% of businesses hit by DDoS attack in 2017, double that of 2016. TechRepublic (Nov. 2017). Retrieved from https:\/\/www.techrepublic.com\/article\/33-of-businesses-hit-by-ddos-attack-in-2017-double-that-of-2016\/."},{"key":"e_1_2_2_87_1","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyy004"},{"key":"e_1_2_2_88_1","volume-title":"Bloomberg Businessweek","volume":"4","author":"Robertson Jordan","year":"2018","unstructured":"Jordan Robertson and Michael Riley. 2018. The big hack: How china used a tiny chip to infiltrate us companies. Bloomberg Businessweek, vol. 4."},{"key":"e_1_2_2_89_1","volume-title":"Comments to the Department of Commerce on Incentives to Adopt Improved Cyber-Security Practices","author":"Romanovsky S.","year":"2013","unstructured":"S. Romanovsky. 2013. Comments to the Department of Commerce on Incentives to Adopt Improved Cyber-Security Practices. April 2013."},{"key":"e_1_2_2_90_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.14"},{"key":"e_1_2_2_91_1","volume-title":"On subspaces of Lp. Annals of Mathematics","author":"Rosenthal Haskell P.","year":"1973","unstructured":"Haskell P. Rosenthal. 1973. On subspaces of Lp. Annals of Mathematics (1973), 344\u2013373."},{"key":"e_1_2_2_92_1","volume-title":"Introduction to Probability Models","author":"Ross Sheldon M.","unstructured":"Sheldon M. Ross. 2014. Introduction to Probability Models. Academic Press."},{"key":"e_1_2_2_93_1","doi-asserted-by":"publisher","DOI":"10.1016\/0022-0531(70)90038-4"},{"key":"e_1_2_2_94_1","volume-title":"International Business in the Information and Digital Age","author":"Wu Xinyi","unstructured":"Xinyi Wu and Gary Gereffi. 2018. Amazon and Alibaba: Internet governance, business models, and internationalization strategies. In International Business in the Information and Digital Age. Emerald Publishing Limited."},{"key":"e_1_2_2_95_1","doi-asserted-by":"publisher","DOI":"10.2307\/2329779"},{"key":"e_1_2_2_96_1","volume-title":"Economics of Information Security and Privacy","author":"Shetty Nikhil","unstructured":"Nikhil Shetty, Galina Schwartz, Mark Felegyhazi, and Jean Walrand. 2010. Competitive cyber-insurance and internet security. In Economics of Information Security and Privacy. Springer, 229\u2013247."},{"key":"e_1_2_2_97_1","volume-title":"Apple Stock: Analyzing 5 Key Customers (AAPL). Investopedia.","author":"Tracy Thom","year":"2016","unstructured":"Thom Tracy. 2016. Apple Stock: Analyzing 5 Key Customers (AAPL). Investopedia."},{"key":"e_1_2_2_98_1","volume-title":"Zolotarev","author":"Uchaikin Vladimir V.","year":"2011","unstructured":"Vladimir V. Uchaikin and Vladimir M. Zolotarev. 2011. Chance and Stability: Stable Distributions and Their Applications. Walter de Gruyter."},{"key":"e_1_2_2_99_1","doi-asserted-by":"publisher","DOI":"10.1073\/pnas.082090499"},{"key":"e_1_2_2_100_1","unstructured":"Jonathan William Welburn and Aaron Strong. 2019. Systemic Cyber Risk and Aggregate Impacts. RAND."},{"key":"e_1_2_2_101_1","doi-asserted-by":"publisher","DOI":"10.1140\/epjb\/e2015-60754-4"},{"key":"e_1_2_2_102_1","unstructured":"Zack Whittaker. 2016. Mirai botnet attack hits thousands of home routers throwing users offline. ZDNet 29."},{"key":"e_1_2_2_103_1","unstructured":"Benjamin Wootton. 2017. Who\u2019s using Amazon web services?Contingo."},{"key":"e_1_2_2_104_1","doi-asserted-by":"publisher","DOI":"10.1080\/10920277.2019.1566076"},{"key":"e_1_2_2_105_1","doi-asserted-by":"publisher","DOI":"10.1080\/00401706.2016.1256841"},{"key":"e_1_2_2_106_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2834227"},{"key":"e_1_2_2_107_1","volume-title":"One-Dimensional Stable Distributions","author":"Zolotarev Vladimir M.","unstructured":"Vladimir M. Zolotarev. 1986. One-Dimensional Stable Distributions. Vol. 65. American Mathematical Society."}],"container-title":["ACM Transactions on Management Information Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3446635","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3446635","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3446635","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:47:31Z","timestamp":1750193251000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3446635"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,25]]},"references-count":106,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2021,6,30]]}},"alternative-id":["10.1145\/3446635"],"URL":"https:\/\/doi.org\/10.1145\/3446635","relation":{},"ISSN":["2158-656X","2158-6578"],"issn-type":[{"value":"2158-656X","type":"print"},{"value":"2158-6578","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,5,25]]},"assertion":[{"value":"2020-03-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-12-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-05-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}