In recent years, researchers have proposed \emph{cyber-insurance} as a
suitable risk-management technique for enhancing security in Internet-like
distributed systems. However, amongst other factors, information asymmetry
between the insurer and the insured, and the inter-dependent and correlated
nature of cyber risks have contributed in a big way to the failure of
cyber-insurance markets. Security experts have argued in favor of operating
system (OS) platform switching (ex., from Windows to Unix-based OSs) or secure
OS adoption as being one of the techniques that can potentially mitigate the
problems posing a challenge to successful cyber-insurance markets. In this
regard we model OS platform switching dynamics using a \emph{social gossip}
mechanism and study three important questions related to the nature of the
dynamics, for Internet-like distributed systems: (i) which type of networks
should cyber-insurers target for insuring?, (ii) what are the bounds on the
asymptotic performance level of a network, where the performance parameter is
an average function of the long-run individual user willingness to adopt secure
OSs?, and (iii) how can cyber-insurers use the topological information of their
clients to incentivize/reward them during offering contracts? Our analysis is
important to a profit-minded cyber-insurer, who wants to target the right
network, design optimal contracts to resolve information asymmetry problems,
and at the same time promote the increase of overall network security through
increasing secure OS adoption amongst users.