Date / time
28/04/2026
1:00 pm - 2:00 pm
Virtual Lecture
Prevailing research suggests that private organizations are not significantly changing their behaviour in response to the huge threat from cyber risks. Although many organizations have formal cybersecurity policies in place, the majority believe they are insufficiently prepared for a data breach and have not devoted adequate time and resource to protect consumers’ electronic and paper-based information from data breaches. Drawing from extensive interviews and research, Prof Talesh explains why cyber insurers have not been more successful in curtailing breaches. He offers a “new institutional theory of insurance”, which explains how insurers shape the content and meaning of law among organizations that purchase insurance. In response to vague and fragmented privacy laws and a lack of strong government oversight, insurers offer cyber insurance and a series of risk-management services to their customers. These services convey legitimacy to the public and to insureds, but fall short of improving the robustness, rendering them largely symbolic. All that high-level technical tools introduced by cyber insurers and security companies have accomplished is to institutionalize a norm that policyholders need these tools to avoid cybersecurity incidents. Regulators and rating agencies defer to cyber insurers, without evidence that these tools actually improve security. This bubbles up even into private and governmental standards, regulations and laws that allow insurers tremendous space to shape cybersecurity policy in society. Insurance companies and affiliated entities are influencing what privacy law and cybersecurity compliance means on the ground. Prof Talesh makes recommendations for how insurers and governments can work together to improve cybersecurity and foster greater algorithmic justice.
Our Speaker
Shauhin Talesh is professor of law at the University of California, Irvine. He also holds appointments in Sociology and Criminology, Law & Society. His research interests include the empirical study of law and business organizations, dispute resolution, consumer protection, insurance, and the relationship between law and social inequality. Professor Talesh is considered one of the leading scholars on organizational responses to law and compliance and the relationship between insurance, regulation and inequality. His most recent research focuses on how cyber insurance and insurance companies shape cybersecurity and privacy law compliance among private organizations. He previously published multiple articles on how insurance companies, through employment practice liability insurance, construct the meaning of compliance with anti-discrimination laws. In 2019, Professor Talesh was selected for the inaugural class of UC Irvine Beall Applied Innovation Faculty Innovation Fellows, a program established “to recognize faculty who have a record of translating their society-impacting research as well as to make them ambassadors for UCI’s innovation culture.” In 2022, Professor Talesh was elected a Fellow of the American Bar Foundation (ABF). Membership is limited to just one percent of lawyers licensed to practice in each jurisdiction. Talesh’s scholarship has appeared in multiple law and peer-reviewed social science journals including Law and Society Review, Law & Social Inquiry, and Law & Policy, and has won multiple awards in Sociology, Political Science and Law & Society.