IDEAS home Printed from https://ideas.repec.org/a/eee/insuma/v101y2021ipbp525-546.html
   My bibliography  Save this article

Multivariate dependence among cyber risks based on L-hop propagation

Author

Listed:
  • Da, Gaofeng
  • Xu, Maochao
  • Zhao, Peng

Abstract

Dependence among cyber risks has been an essential and challenging component of risk management. The current study characterizes cyber dependence from both qualitative and quantitative perspectives based on L-hop propagation model. From the qualitative side, it is shown that cyber risks always possess positive association based on the proposed risk propagation model. From the quantitative side, an explicit formula for computing the fundamental dependence measure of covariance is provided for an arbitrary network. In particular, we study the impacts of factors—especially external and internal compromise probabilities, propagation depth, and network topologies—on dependence among cyber risks. We conclude by presenting some examples and applications.

Suggested Citation

  • Da, Gaofeng & Xu, Maochao & Zhao, Peng, 2021. "Multivariate dependence among cyber risks based on L-hop propagation," Insurance: Mathematics and Economics, Elsevier, vol. 101(PB), pages 525-546.
    • Handle: RePEc:eee:insuma:v:101:y:2021:i:pb:p:525-546
    DOI: 10.1016/j.insmatheco.2021.09.005
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0167668721001451
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.insmatheco.2021.09.005?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Eling, Martin & Jung, Kwangmin, 2018. "Copula approaches for modeling cross-sectional dependence of data breach losses," Insurance: Mathematics and Economics, Elsevier, vol. 82(C), pages 167-180.
    2. Khouzani, MHR. & Liu, Zhengliang & Malacaria, Pasquale, 2019. "Scalable min-max multi-objective cyber-security optimisation over probabilistic attack graphs," European Journal of Operational Research, Elsevier, vol. 278(3), pages 894-903.
    3. Terrence August & Tunay I. Tunca, 2011. "Who Should Be Responsible for Software Security? A Comparative Analysis of Liability Policies in Network Environments," Management Science, INFORMS, vol. 57(5), pages 934-959, May.
    4. Martin Eling & Werner Schnell, 2016. "What do we know about cyber risk and cyber risk insurance?," Journal of Risk Finance, Emerald Group Publishing Limited, vol. 17(5), pages 474-491, November.
    5. Kunreuther, Howard & Heal, Geoffrey, 2003. "Interdependent Security," Journal of Risk and Uncertainty, Springer, vol. 26(2-3), pages 231-249, March-May.
    6. Simon, Jay & Omar, Ayman, 2020. "Cybersecurity investments in the supply chain: Coordination and a strategic attacker," European Journal of Operational Research, Elsevier, vol. 282(1), pages 161-171.
    7. Hamed Amini & Andreea Minca, 2016. "Inhomogeneous Financial Networks and Contagious Links," Operations Research, INFORMS, vol. 64(5), pages 1109-1120, October.
    8. Rob Kaas & Marc Goovaerts & Jan Dhaene & Michel Denuit, 2008. "Modern Actuarial Risk Theory," Springer Books, Springer, edition 2, number 978-3-540-70998-5, September.
    9. Fahrenwaldt, Matthias A. & Weber, Stefan & Weske, Kerstin, 2018. "Pricing Of Cyber Insurance Contracts In A Network Model," ASTIN Bulletin, Cambridge University Press, vol. 48(3), pages 1175-1218, September.
    10. Dhaene, J. & Denuit, M. & Goovaerts, M. J. & Kaas, R. & Vyncke, D., 2002. "The concept of comonotonicity in actuarial science and finance: theory," Insurance: Mathematics and Economics, Elsevier, vol. 31(1), pages 3-33, August.
    11. Dhaene, J. & Denuit, M. & Goovaerts, M. J. & Kaas, R. & Vyncke, D., 2002. "The concept of comonotonicity in actuarial science and finance: applications," Insurance: Mathematics and Economics, Elsevier, vol. 31(2), pages 133-161, October.
    12. Eling, Martin & Wirfs, Jan, 2019. "What are the actual costs of cyber risk events?," European Journal of Operational Research, Elsevier, vol. 272(3), pages 1109-1119.
    13. Maochao Xu & Lei Hua, 2019. "Cybersecurity Insurance: Modeling and Pricing," North American Actuarial Journal, Taylor & Francis Journals, vol. 23(2), pages 220-249, April.
    14. Chen Peng & Maochao Xu & Shouhuai Xu & Taizhong Hu, 2018. "Modeling multivariate cybersecurity risks," Journal of Applied Statistics, Taylor & Francis Journals, vol. 45(15), pages 2718-2740, November.
    15. Nagurney, Anna & Shukla, Shivani, 2017. "Multifirm models of cybersecurity investment competition vs. cooperation and network vulnerability," European Journal of Operational Research, Elsevier, vol. 260(2), pages 588-600.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Loretta Mastroeni & Alessandro Mazzoccoli & Maurizio Naldi, 2023. "Cyber Insurance Premium Setting for Multi-Site Companies under Risk Correlation," Risks, MDPI, vol. 11(10), pages 1-18, September.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Zhang, Xiaoyu & Xu, Maochao & Su, Jianxi & Zhao, Peng, 2023. "Structural models for fog computing based internet of things architectures with insurance and risk management applications," European Journal of Operational Research, Elsevier, vol. 305(3), pages 1273-1291.
    2. Gabriela Zeller & Matthias Scherer, 2023. "Risk mitigation services in cyber insurance: optimal contract design and price structure," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 502-547, April.
    3. Malavasi, Matteo & Peters, Gareth W. & Shevchenko, Pavel V. & Trück, Stefan & Jang, Jiwook & Sofronov, Georgy, 2022. "Cyber risk frequency, severity and insurance viability," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 90-114.
    4. Daniel Zängerle & Dirk Schiereck, 2023. "Modelling and predicting enterprise-level cyber risks in the context of sparse data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 434-462, April.
    5. Jevtić, Petar & Lanchier, Nicolas, 2020. "Dynamic structural percolation model of loss distribution for cyber risk of small and medium-sized enterprises for tree-based LAN topology," Insurance: Mathematics and Economics, Elsevier, vol. 91(C), pages 209-223.
    6. Dacorogna, Michel & Debbabi, Nehla & Kratz, Marie, 2023. "Building up cyber resilience by better grasping cyber risk via a new algorithm for modelling heavy-tailed data," European Journal of Operational Research, Elsevier, vol. 311(2), pages 708-729.
    7. Matteo Malavasi & Gareth W. Peters & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang & Georgy Sofronov, 2021. "Cyber Risk Frequency, Severity and Insurance Viability," Papers 2111.03366, arXiv.org, revised Mar 2022.
    8. Suyuan Luo & Tsan‐Ming Choi, 2022. "E‐commerce supply chains with considerations of cyber‐security: Should governments play a role?," Production and Operations Management, Production and Operations Management Society, vol. 31(5), pages 2107-2126, May.
    9. Cheung, K.C. & Chong, W.F. & Yam, S.C.P., 2015. "Convex ordering for insurance preferences," Insurance: Mathematics and Economics, Elsevier, vol. 64(C), pages 409-416.
    10. Zängerle, Daniel & Schiereck, Dirk, 2022. "Modelling and predicting enterprise‑level cyber risks in the context of sparse data availability," Publications of Darmstadt Technical University, Institute for Business Studies (BWL) 136276, Darmstadt Technical University, Department of Business Administration, Economics and Law, Institute for Business Studies (BWL).
    11. Van Weert, Koen & Dhaene, Jan & Goovaerts, Marc, 2010. "Optimal portfolio selection for general provisioning and terminal wealth problems," Insurance: Mathematics and Economics, Elsevier, vol. 47(1), pages 90-97, August.
    12. Frank Cremer & Barry Sheehan & Michael Fortmann & Arash N. Kia & Martin Mullins & Finbarr Murphy & Stefan Materne, 2022. "Cyber risk and cybersecurity: a systematic review of data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 47(3), pages 698-736, July.
    13. Spencer Wheatley & Annette Hofmann & Didier Sornette, 2021. "Addressing insurance of data breach cyber risks in the catastrophe framework," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 46(1), pages 53-78, January.
    14. Li, Shengguo & Peng, Jin & Zhang, Bo, 2013. "The uncertain premium principle based on the distortion function," Insurance: Mathematics and Economics, Elsevier, vol. 53(2), pages 317-324.
    15. Ma, Boyuan & Chu, Tingjin & Jin, Zhuo, 2022. "Frequency and severity estimation of cyber attacks using spatial clustering analysis," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 33-45.
    16. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Trück & Jiwook Jang, 2023. "Cyber loss model risk translates to premium mispricing and risk sensitivity," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 372-433, April.
    17. Goovaerts, Marc & Linders, Daniël & Van Weert, Koen & Tank, Fatih, 2012. "On the interplay between distortion, mean value and Haezendonck–Goovaerts risk measures," Insurance: Mathematics and Economics, Elsevier, vol. 51(1), pages 10-18.
    18. Mao, Tiantian & Hu, Taizhong, 2011. "A new proof of Cheung's characterization of comonotonicity," Insurance: Mathematics and Economics, Elsevier, vol. 48(2), pages 214-216, March.
    19. Yeftanus Antonio & Sapto Wahyu Indratno & Suhadi Wido Saputro, 2021. "Pricing of cyber insurance premiums using a Markov-based dynamic model with clustering structure," PLOS ONE, Public Library of Science, vol. 16(10), pages 1-28, October.
    20. Embrechts Paul & Wang Ruodu, 2015. "Seven Proofs for the Subadditivity of Expected Shortfall," Dependence Modeling, De Gruyter, vol. 3(1), pages 1-15, October.

    More about this item

    Keywords

    Association; Comonotonic; Covariance; Intertwined effect; Premiums;
    All these keywords.

    JEL classification:

    • C1 - Mathematical and Quantitative Methods - - Econometric and Statistical Methods and Methodology: General
    • C6 - Mathematical and Quantitative Methods - - Mathematical Methods; Programming Models; Mathematical and Simulation Modeling

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:insuma:v:101:y:2021:i:pb:p:525-546. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/inca/505554 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.