IDEAS home Printed from https://ideas.repec.org/p/hal/journl/hal-02564462.html
   My bibliography  Save this paper

Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models

Author

Listed:
  • Caroline Hillairet

    (Centre de Recherche en Économie et Statistique (CREST) - GENES - Groupe des Écoles Nationales d'Économie et Statistique)

  • Olivier Lopez

    (LPSM (UMR_8001) - Laboratoire de Probabilités, Statistique et Modélisation - SU - Sorbonne Université - CNRS - Centre National de la Recherche Scientifique - UPCité - Université Paris Cité, CREST - Centre de Recherche en Économie et Statistique - ENSAI - Ecole Nationale de la Statistique et de l'Analyse de l'Information [Bruz] - GENES - Groupe des Écoles Nationales d'Économie et Statistique - X - École polytechnique - IP Paris - Institut Polytechnique de Paris - ENSAE Paris - École Nationale de la Statistique et de l'Administration Économique - GENES - Groupe des Écoles Nationales d'Économie et Statistique - IP Paris - Institut Polytechnique de Paris - CNRS - Centre National de la Recherche Scientifique)

Abstract

In this paper, we propose a general framework to design accumulation scenarios that can be used to anticipate the impact of a massive cyber attack on an insurance portfolio. The aim is also to emphasize the role of countermeasures in stopping the spread of the attack over the portfolio, and to quantify the benefits of implementing such strategies of response. Our approach consists of separating the global dynamic of the cyber event (that can be described through compartmental epidemiological models), the effect on the portfolio, and the response strategy. This general framework allows us to obtain Gaussian approximations for the corresponding processes, and sharp confidence bounds for the losses. A detailed simulation study, which mimics the effects of a Wannacry scenario, illustrates the practical implementation of the method.

Suggested Citation

  • Caroline Hillairet & Olivier Lopez, 2021. "Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models," Post-Print hal-02564462, HAL.
    • Handle: RePEc:hal:journl:hal-02564462
    DOI: 10.1080/03461238.2021.1872694
    Note: View the original document on HAL open archive server: https://hal.science/hal-02564462v2
    as

    Download full text from publisher

    File URL: https://hal.science/hal-02564462v2/document
    Download Restriction: no
    File URL: https://libkey.io/10.1080/03461238.2021.1872694?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Amine El Koufi & Jihad Adnani & Abdelkrim Bennar & Noura Yousfi, 2019. "Analysis of a Stochastic SIR Model with Vaccination and Nonlinear Incidence Rate," International Journal of Differential Equations, Hindawi, vol. 2019, pages 1-9, August.
    2. Martin Eling & Werner Schnell, 2016. "What do we know about cyber risk and cyber risk insurance?," Journal of Risk Finance, Emerald Group Publishing Limited, vol. 17(5), pages 474-491, November.
    3. Mark Camillo, 2017. "Cyber risk and the changing role of insurance," Journal of Cyber Policy, Taylor & Francis Journals, vol. 2(1), pages 53-63, January.
    4. Runhuan Feng & Jose Garrido, 2011. "Actuarial Applications of Epidemiological Models," North American Actuarial Journal, Taylor & Francis Journals, vol. 15(1), pages 112-136.
    5. Fahrenwaldt, Matthias A. & Weber, Stefan & Weske, Kerstin, 2018. "Pricing Of Cyber Insurance Contracts In A Network Model," ASTIN Bulletin, Cambridge University Press, vol. 48(3), pages 1175-1218, September.
    6. Hua Chen & Samuel Cox, 2009. "An Option-Based Operational Risk Management Model for Pandemics," North American Actuarial Journal, Taylor & Francis Journals, vol. 13(1), pages 54-76.
    7. Eling, Martin & Loperfido, Nicola, 2017. "Data breaches: Goodness of fit, pricing, and risk measurement," Insurance: Mathematics and Economics, Elsevier, vol. 75(C), pages 126-136.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Caroline Hillairet & Olivier Lopez & Louise d'Oultremont & Brieuc Spoorenberg, 2022. "Cyber contagion: impact of the network structure on the losses of an insurance portfolio," Post-Print hal-03388840, HAL.
    2. Daniel Gaigall & Stefan Weber, 2025. "Jointly Exchangeable Collective Risk Models: Interaction, Structure, and Limit Theorems," Papers 2504.06287, arXiv.org.
    3. Hillairet, Caroline & Lopez, Olivier & d'Oultremont, Louise & Spoorenberg, Brieuc, 2022. "Cyber-contagion model with network structure applied to insurance," Insurance: Mathematics and Economics, Elsevier, vol. 107(C), pages 88-101.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Caroline Hillairet & Olivier Lopez, 2020. "Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models," Working Papers hal-02564462, HAL.
    2. Malavasi, Matteo & Peters, Gareth W. & Shevchenko, Pavel V. & Trück, Stefan & Jang, Jiwook & Sofronov, Georgy, 2022. "Cyber risk frequency, severity and insurance viability," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 90-114.
    3. Matteo Malavasi & Gareth W. Peters & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang & Georgy Sofronov, 2021. "Cyber Risk Frequency, Severity and Insurance Viability," Papers 2111.03366, arXiv.org, revised Mar 2022.
    4. Farkas, Sébastien & Lopez, Olivier & Thomas, Maud, 2021. "Cyber claim analysis using Generalized Pareto regression trees with applications to insurance," Insurance: Mathematics and Economics, Elsevier, vol. 98(C), pages 92-105.
    5. Ma, Boyuan & Chu, Tingjin & Jin, Zhuo, 2022. "Frequency and severity estimation of cyber attacks using spatial clustering analysis," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 33-45.
    6. Daniel Zängerle & Dirk Schiereck, 2023. "Modelling and predicting enterprise-level cyber risks in the context of sparse data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 434-462, April.
    7. Jevtić, Petar & Lanchier, Nicolas, 2020. "Dynamic structural percolation model of loss distribution for cyber risk of small and medium-sized enterprises for tree-based LAN topology," Insurance: Mathematics and Economics, Elsevier, vol. 91(C), pages 209-223.
    8. Ulrik Franke, 2020. "IT service outage cost: case study and implications for cyber insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 760-784, October.
    9. Chen, Xiaowei & Chong, Wing Fung & Feng, Runhuan & Zhang, Linfeng, 2021. "Pandemic risk management: Resources contingency planning and allocation," Insurance: Mathematics and Economics, Elsevier, vol. 101(PB), pages 359-383.
    10. Xiaoying Xie & Charles Lee & Martin Eling, 2020. "Cyber insurance offering and performance: an analysis of the U.S. cyber insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 690-736, October.
    11. D'Amato, Valeria & Di Lorenzo, Emilia & Piscopo, Gabriella & Sibillo, Marilena & Trotta, Annarita, 2024. "Insurance business and social sustainability: A proposal," Socio-Economic Planning Sciences, Elsevier, vol. 93(C).
    12. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang, 2022. "Cyber Loss Model Risk Translates to Premium Mispricing and Risk Sensitivity," Papers 2202.10588, arXiv.org, revised Mar 2023.
    13. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    14. Yeftanus Antonio & Sapto Wahyu Indratno & Rinovia Simanjuntak, 2021. "Cyber Insurance Ratemaking: A Graph Mining Approach," Risks, MDPI, vol. 9(12), pages 1-34, December.
    15. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Trück & Jiwook Jang, 2023. "Cyber loss model risk translates to premium mispricing and risk sensitivity," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 372-433, April.
    16. Angelica Marotta & Michael McShane, 2018. "Integrating a Proactive Technique Into a Holistic Cyber Risk Management Approach," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 21(3), pages 435-452, December.
    17. Dirk Wrede & Tino Stegen & Johann-Matthias Schulenburg, 2020. "Affirmative and silent cyber coverage in traditional insurance policies: Qualitative content analysis of selected insurance products from the German insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 657-689, October.
    18. Xiaoying Xie & Charles Lee & Martin Eling, 0. "Cyber insurance offering and performance: an analysis of the U.S. cyber insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-47.
    19. Hainaut, Donatien, 2020. "An actuarial approach for modeling pandemic risk," LIDAM Discussion Papers ISBA 2020025, Université catholique de Louvain, Institute of Statistics, Biostatistics and Actuarial Sciences (ISBA).
    20. Donatien Hainaut, 2020. "An Actuarial Approach for Modeling Pandemic Risk," Risks, MDPI, vol. 9(1), pages 1-28, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hal:journl:hal-02564462. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CCSD (email available below). General contact details of provider: https://hal.archives-ouvertes.fr/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.