The Price Tag of Cyber Risk: A Signal-Processing Approach
The cyber risk insurance market is rapidly developing in consideration of the potentially huge losses attributed to cyberattacks. This requires the insurance business to have a valuation and risk management framework that will enable cyber insurance policy issuers to fulfil their future obligations....
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2023-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10114384/ |
| _version_ | 1797829154318581760 |
|---|---|
| author | Yuying Li Rogemar Mamon |
| author_facet | Yuying Li Rogemar Mamon |
| author_sort | Yuying Li |
| collection | DOAJ |
| description | The cyber risk insurance market is rapidly developing in consideration of the potentially huge losses attributed to cyberattacks. This requires the insurance business to have a valuation and risk management framework that will enable cyber insurance policy issuers to fulfil their future obligations. We present such a framework for cyber risk modelling, wherein the cyberattacks’ occurrences as well as their inter-arrival and duration are captured by a regime-switching Markov model (RSMM). In this customised RSMM, the transition probabilities of the Markov chain are governed by another hidden Markov chain representing the various states of the cyber security environment. A self-calibrating mechanism is provided via filtering and a cyber kill chain is built based on the stages of the cyberattack. With the aid of change of reference probability measures and the EM algorithm, the estimators for the transition matrix are derived. Our main point of interest is the random losses from cyberattacks, which are assumed to follow a doubly-truncated Pareto distribution. The Vasiček model is utilised to describe the interest rate process for the discounting of losses. The premium for a cyber security insurance contract is calculated with the use of a simulated data set based on two pricing principles. Our methodology featuring dynamic parameter estimation and flexible adjustments in modelling various risk factors widens the available tools for pricing and cyber risk management. |
| first_indexed | 2024-04-09T13:15:53Z |
| format | Article |
| id | doaj.art-a9a26169dfdf4bb79f04b892575c769d |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-04-09T13:15:53Z |
| publishDate | 2023-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-a9a26169dfdf4bb79f04b892575c769d2023-05-11T23:00:45ZengIEEEIEEE Access2169-35362023-01-0111442944431810.1109/ACCESS.2023.327257210114384The Price Tag of Cyber Risk: A Signal-Processing ApproachYuying Li0https://orcid.org/0000-0002-2116-347XRogemar Mamon1https://orcid.org/0000-0003-0885-7685Department of Statistical and Actuarial Sciences, The University of Western Ontario, London, ON, CanadaDepartment of Statistical and Actuarial Sciences, The University of Western Ontario, London, ON, CanadaThe cyber risk insurance market is rapidly developing in consideration of the potentially huge losses attributed to cyberattacks. This requires the insurance business to have a valuation and risk management framework that will enable cyber insurance policy issuers to fulfil their future obligations. We present such a framework for cyber risk modelling, wherein the cyberattacks’ occurrences as well as their inter-arrival and duration are captured by a regime-switching Markov model (RSMM). In this customised RSMM, the transition probabilities of the Markov chain are governed by another hidden Markov chain representing the various states of the cyber security environment. A self-calibrating mechanism is provided via filtering and a cyber kill chain is built based on the stages of the cyberattack. With the aid of change of reference probability measures and the EM algorithm, the estimators for the transition matrix are derived. Our main point of interest is the random losses from cyberattacks, which are assumed to follow a doubly-truncated Pareto distribution. The Vasiček model is utilised to describe the interest rate process for the discounting of losses. The premium for a cyber security insurance contract is calculated with the use of a simulated data set based on two pricing principles. Our methodology featuring dynamic parameter estimation and flexible adjustments in modelling various risk factors widens the available tools for pricing and cyber risk management.https://ieeexplore.ieee.org/document/10114384/Cyber insuranceHMM filterspremium calculationregime-switching Markov model |
| spellingShingle | Yuying Li Rogemar Mamon The Price Tag of Cyber Risk: A Signal-Processing Approach IEEE Access Cyber insurance HMM filters premium calculation regime-switching Markov model |
| title | The Price Tag of Cyber Risk: A Signal-Processing Approach |
| title_full | The Price Tag of Cyber Risk: A Signal-Processing Approach |
| title_fullStr | The Price Tag of Cyber Risk: A Signal-Processing Approach |
| title_full_unstemmed | The Price Tag of Cyber Risk: A Signal-Processing Approach |
| title_short | The Price Tag of Cyber Risk: A Signal-Processing Approach |
| title_sort | price tag of cyber risk a signal processing approach |
| topic | Cyber insurance HMM filters premium calculation regime-switching Markov model |
| url | https://ieeexplore.ieee.org/document/10114384/ |
| work_keys_str_mv | AT yuyingli thepricetagofcyberriskasignalprocessingapproach AT rogemarmamon thepricetagofcyberriskasignalprocessingapproach AT yuyingli pricetagofcyberriskasignalprocessingapproach AT rogemarmamon pricetagofcyberriskasignalprocessingapproach |