The price tag of cyber risk: A signal-processing approach

The cyber risk insurance market is rapidly developing in consideration of the potentially huge losses attributed to cyberattacks. This requires the insurance business to have a valuation and risk management framework that will enable cyber insurance policy issuers to fulfil their future obligations....

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2023-01, Vol.11, p.1-1
Main Authors: Li, Yuying, Mamon, Rogemar
Format: Article
Language:English
Subjects:
Algorithms
Business
Companies
Computer crime
Cyber insurance
Cybercrime
Cybersecurity
Hidden Markov models
HMM filters
Insurance
Insurance (contracts)
Kalman filters
Markov analysis
Markov chains
Markov processes
Modelling
Parameter estimation
premium calculation
Pricing
regime-switching Markov model
Risk management
Transition probabilities
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The cyber risk insurance market is rapidly developing in consideration of the potentially huge losses attributed to cyberattacks. This requires the insurance business to have a valuation and risk management framework that will enable cyber insurance policy issuers to fulfil their future obligations. We present such a framework for cyber risk modelling, wherein the cyberattacks' occurrences as well as their inter-arrival and duration are captured by a regime-switching Markov model (RSMM). In this customised RSMM, the transition probabilities of the Markov chain are governed by another hidden Markov chain representing the various states of the cyber security environment. A self-calibrating mechanism is provided via filtering and a cyber kill chain is built based on the stages of the cyberattack. With the aid of change of reference probability measures and the EM algorithm, the estimators for the transition matrix are derived. Our main point of interest is the random losses from cyberattacks, which are assumed to follow a doubly-truncated Pareto distribution. The Vasiček model is utilised to describe the interest rate process for the discounting of losses. The premium for a cyber security insurance contract is calculated with the use of a simulated data set based on two pricing principles. Our methodology featuring dynamic parameter estimation and flexible adjustments in modelling various risk factors widens the available tools for pricing and cyber risk management.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2023.3272572