IDEAS home Printed from https://ideas.repec.org/p/hal/journl/hal-02564462.html
   My bibliography  Save this paper

Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models

Author

Listed:
  • Caroline Hillairet

    (CMAP - Centre de Mathématiques Appliquées - Ecole Polytechnique - X - École polytechnique - CNRS - Centre National de la Recherche Scientifique)

  • Olivier Lopez

    (LPSM (UMR_8001) - Laboratoire de Probabilités, Statistique et Modélisation - SU - Sorbonne Université - CNRS - Centre National de la Recherche Scientifique - UPCité - Université Paris Cité)

Abstract

In this paper, we propose a general framework to design accumulation scenarios that can be used to anticipate the impact of a massive cyber attack on an insurance portfolio. The aim is also to emphasize the role of countermeasures in stopping the spread of the attack over the portfolio, and to quantify the benefits of implementing such strategies of response. Our approach consists of separating the global dynamic of the cyber event (that can be described through compartmental epidemiological models), the effect on the portfolio, and the response strategy. This general framework allows us to obtain Gaussian approximations for the corresponding processes, and sharp confidence bounds for the losses. A detailed simulation study, which mimics the effects of a Wannacry scenario, illustrates the practical implementation of the method.

Suggested Citation

  • Caroline Hillairet & Olivier Lopez, 2021. "Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models," Post-Print hal-02564462, HAL.
    • Handle: RePEc:hal:journl:hal-02564462
    Note: View the original document on HAL open archive server: https://hal.science/hal-02564462v2
    as

    Download full text from publisher

    File URL: https://hal.science/hal-02564462v2/document
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Amine El Koufi & Jihad Adnani & Abdelkrim Bennar & Noura Yousfi, 2019. "Analysis of a Stochastic SIR Model with Vaccination and Nonlinear Incidence Rate," International Journal of Differential Equations, Hindawi, vol. 2019, pages 1-9, August.
    2. Martin Eling & Werner Schnell, 2016. "What do we know about cyber risk and cyber risk insurance?," Journal of Risk Finance, Emerald Group Publishing Limited, vol. 17(5), pages 474-491, November.
    3. Mark Camillo, 2017. "Cyber risk and the changing role of insurance," Journal of Cyber Policy, Taylor & Francis Journals, vol. 2(1), pages 53-63, January.
    4. Runhuan Feng & Jose Garrido, 2011. "Actuarial Applications of Epidemiological Models," North American Actuarial Journal, Taylor & Francis Journals, vol. 15(1), pages 112-136.
    5. Fahrenwaldt, Matthias A. & Weber, Stefan & Weske, Kerstin, 2018. "Pricing Of Cyber Insurance Contracts In A Network Model," ASTIN Bulletin, Cambridge University Press, vol. 48(3), pages 1175-1218, September.
    6. Hua Chen & Samuel Cox, 2009. "An Option-Based Operational Risk Management Model for Pandemics," North American Actuarial Journal, Taylor & Francis Journals, vol. 13(1), pages 54-76.
    7. Eling, Martin & Loperfido, Nicola, 2017. "Data breaches: Goodness of fit, pricing, and risk measurement," Insurance: Mathematics and Economics, Elsevier, vol. 75(C), pages 126-136.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Caroline Hillairet & Olivier Lopez & Louise d'Oultremont & Brieuc Spoorenberg, 2022. "Cyber contagion: impact of the network structure on the losses of an insurance portfolio," Post-Print hal-03388840, HAL.
    2. Hillairet, Caroline & Lopez, Olivier & d'Oultremont, Louise & Spoorenberg, Brieuc, 2022. "Cyber-contagion model with network structure applied to insurance," Insurance: Mathematics and Economics, Elsevier, vol. 107(C), pages 88-101.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Caroline Hillairet & Olivier Lopez, 2020. "Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models," Working Papers hal-02564462, HAL.
    2. Malavasi, Matteo & Peters, Gareth W. & Shevchenko, Pavel V. & Trück, Stefan & Jang, Jiwook & Sofronov, Georgy, 2022. "Cyber risk frequency, severity and insurance viability," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 90-114.
    3. Matteo Malavasi & Gareth W. Peters & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang & Georgy Sofronov, 2021. "Cyber Risk Frequency, Severity and Insurance Viability," Papers 2111.03366, arXiv.org, revised Mar 2022.
    4. Farkas, Sébastien & Lopez, Olivier & Thomas, Maud, 2021. "Cyber claim analysis using Generalized Pareto regression trees with applications to insurance," Insurance: Mathematics and Economics, Elsevier, vol. 98(C), pages 92-105.
    5. Ma, Boyuan & Chu, Tingjin & Jin, Zhuo, 2022. "Frequency and severity estimation of cyber attacks using spatial clustering analysis," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 33-45.
    6. Daniel Zängerle & Dirk Schiereck, 2023. "Modelling and predicting enterprise-level cyber risks in the context of sparse data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 434-462, April.
    7. Jevtić, Petar & Lanchier, Nicolas, 2020. "Dynamic structural percolation model of loss distribution for cyber risk of small and medium-sized enterprises for tree-based LAN topology," Insurance: Mathematics and Economics, Elsevier, vol. 91(C), pages 209-223.
    8. Ulrik Franke, 2020. "IT service outage cost: case study and implications for cyber insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 760-784, October.
    9. Chen, Xiaowei & Chong, Wing Fung & Feng, Runhuan & Zhang, Linfeng, 2021. "Pandemic risk management: Resources contingency planning and allocation," Insurance: Mathematics and Economics, Elsevier, vol. 101(PB), pages 359-383.
    10. Xiaoying Xie & Charles Lee & Martin Eling, 2020. "Cyber insurance offering and performance: an analysis of the U.S. cyber insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 690-736, October.
    11. Ulrik Franke, 0. "IT service outage cost: case study and implications for cyber insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-25.
    12. Zängerle, Daniel & Schiereck, Dirk, 2022. "Modelling and predicting enterprise‑level cyber risks in the context of sparse data availability," Publications of Darmstadt Technical University, Institute for Business Studies (BWL) 136276, Darmstadt Technical University, Department of Business Administration, Economics and Law, Institute for Business Studies (BWL).
    13. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang, 2022. "Cyber Loss Model Risk Translates to Premium Mispricing and Risk Sensitivity," Papers 2202.10588, arXiv.org, revised Mar 2023.
    14. Xiaowei Chen & Wing Fung Chong & Runhuan Feng & Linfeng Zhang, 2020. "Pandemic risk management: resources contingency planning and allocation," Papers 2012.03200, arXiv.org.
    15. Hillairet, Caroline & Lopez, Olivier & d'Oultremont, Louise & Spoorenberg, Brieuc, 2022. "Cyber-contagion model with network structure applied to insurance," Insurance: Mathematics and Economics, Elsevier, vol. 107(C), pages 88-101.
    16. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    17. Yeftanus Antonio & Sapto Wahyu Indratno & Rinovia Simanjuntak, 2021. "Cyber Insurance Ratemaking: A Graph Mining Approach," Risks, MDPI, vol. 9(12), pages 1-34, December.
    18. Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Trück & Jiwook Jang, 2023. "Cyber loss model risk translates to premium mispricing and risk sensitivity," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 372-433, April.
    19. Omer Ilker Poyraz & Mustafa Canan & Michael McShane & C. Ariel Pinto & T. Steven Cotter, 2020. "Cyber assets at risk: monetary impact of U.S. personally identifiable information mega data breaches," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 616-638, October.
    20. Da, Gaofeng & Xu, Maochao & Zhao, Peng, 2021. "Multivariate dependence among cyber risks based on L-hop propagation," Insurance: Mathematics and Economics, Elsevier, vol. 101(PB), pages 525-546.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hal:journl:hal-02564462. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CCSD (email available below). General contact details of provider: https://hal.archives-ouvertes.fr/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.