Designing a cyber insurance implementation model using foundational data theory

Abstract The aim of the current research is to identify the factors affecting the implementation of cyber insurance among insurance companies in Iran. The current research is developmental and applicable in terms of its purpose, and is of qualitative methods. The statistical population of the research is specialists and experts in the field of cyber insurance, who have been identified using the snowball sampling method. Using the interview technique, the data was collected and then the data and categories were coded and classified using the MAXQDA software version 2020. The reliability of the research was measured using the Kappa coefficient. In the last stage, the research model is extracted based on the Strauss and Corbin model. Based on the results of the research, the causal factors were divided into scientific, technical, and network indicators. Insurance perspective with the title of intervening factor, analysis of the external and internal environment as well as marketing and paying attention to the executive arms as foundational factors, ecosystem approach and formulation of insurance strategy as a solution, and finally increasing the level of knowledge of the insurance company, safety and security of data, improvement of services and company income, and uncertainty about the operation of insurance are known as positive and negative consequences of cyber insurance. Extended Abstract Introduction With the emergence of the Internet and related information networks, people's need to use Internet and electronic services has also increased (Kshetri et al, 2020) and has changed the economic, social and cultural aspects of humans (Wang et al. et al., 2019). With the expansion of the Internet in the business of organizations, a space called cyber was created, which boosted business activities and interactions (Swiss Re, 2014; Chief Risk Officers Forum, 2014). On the other hand, the expansion of virtual spaces increased the concern of the managers of Internet companies. The risks caused by cyber-attacks and the care of data and privacy of people caused managers to consider themselves responsible for not properly monitoring the company (Uuganbayar et al, 2020). Furthermore, the emergence of various softwares, the risk of information theft in cyberspace, intrusion into individual lives and sometimes government systems has increased, and such a situation has jeopardized information security (Kshetri et al, 2020). Until