Abstract
Cyber risk is a fast-growing area of interest and companies have to include it in their risk management framework. Modelling frequency and severity of cyber incidents is a crucial step in actuarial valuations related to cyber insurance, a way of transferring part of the residual cyber risk to a third party. In the last years, data breaches seem to be the main cause of cyber incidents. Aim of this paper is to give further insights about frequency and severity statistical distributions, by analyzing the Chronology of Data Breaches provided by the Privacy Rights Clearinghouse.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Allianz Global Corporate and Specialty. Allianz Risk Barometer: Top Business Risks for 2021. Report (2021). https://www.agcs.allianz.com/news-and-insights/reports/allianz-risk-barometer.html. Accessed 10 Feb 2021
Bentley, M., Stephenson, A., Toscas, P., Zhu, Z.: A multivariate model to quantify and mitigate cybersecuity risk. Risks 8, 61 (2020)
Carfora, M.F., Martinelli, F., Mercaldo, F., Orlando, A.: Cyber risk management: an actuarial point of view. J. Oper. Risk (2019). https://doi.org/10.21314/JOP.2019.231
Edwards, B., Hofmeyr, S., Forrest, S.: Hype and heavy tails: a closer look at data breaches. J. Cybersecur. (2016). https://doi.org/10.1093/cybsec/tyw003
Eling, M., Jung, K.: Copula approaches for modeling cross sectional dependence of data breach losses. Insur. Math. Econ. 82, 167–180 (2018)
Eling, M., Loperfido, N.: Data breaches: goodness of fit, pricing, and risk measurement. Insur. Math. Econ. 75, 126–136 (2017)
Marotta, A., Martinelli, F., Nanni, S., Orlando, A., Yautsiukhin, A.: Cyber-insurance survey. Comput. Sci. Rev. 24, 35–61 (2017)
Weathley, S., Hofmann, H., Sornette, D.: Data breaches in the catastrophe framework and beyond. arXiv:1901.00699v2 (2019). arxiv.org/abs/1901.00699v2
Woods W.D., Böhme, R.: SoK: quantifying cyber risk. In: 2021 IEEE Symposium on Security and Privacy (SP) (2021)
OECD. Types of cyber incidents and losses. In: Enhancing the Role of Insurance in Cyber Risk Management. OECD Publishing, Paris (2017). https://doi.org/10.1787/9789264282148
Privacy Rights Clearinghouse. Chronology of data breaches (2022). https://privacyrights.org/data-breaches
Sun, H., Xu, M., Zhao, P.: Modeling Malicious Hacking Data Breach Risks. North Am. Actuar. J. (2021). https://doi.org/10.1080/10920277.2020.1752255
Xu, M., Schweitzer, K.M., Bateman, R.M., Xu, S.: Modeling and predicting cyber hacking breaches. IEEE Trans. Inf. Forensics Secur. (2018). https://doi.org/10.1109/TIFS.2018.2834227
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Carfora, M.F., Orlando, A. (2022). Cyber Risk: Estimates for Malicious and Negligent Breaches Distributions. In: Corazza, M., Perna, C., Pizzi, C., Sibillo, M. (eds) Mathematical and Statistical Methods for Actuarial Sciences and Finance. MAF 2022. Springer, Cham. https://doi.org/10.1007/978-3-030-99638-3_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-99638-3_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-99637-6
Online ISBN: 978-3-030-99638-3
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)