全部 标题 作者
关键词 摘要

OALib Journal期刊
ISSN: 2333-9721
费用:99美元
投递稿件

查看量下载量

相关文章

更多...

Modeling Cyber Loss Severity Using a Spliced Regression Distribution with Mixture Components

DOI: 10.4236/ojs.2023.134021, PP. 425-452

Keywords: Cyber Risk, Data Breach, Spliced Regression Model, Finite Mixture Distribu-tion, Cluster Analysis, Expectation-Maximization Algorithm, Extreme Value Theory

Full-Text   Cite this paper   Add to My Lib

Abstract:

Cyber losses in terms of number of records breached under cyber incidents commonly feature a significant portion of zeros, specific characteristics of mid-range losses and large losses, which make it hard to model the whole range of the losses using a standard loss distribution. We tackle this modeling problem by proposing a three-component spliced regression model that can simultaneously model zeros, moderate and large losses and consider heterogeneous effects in mixture components. To apply our proposed model to Privacy Right Clearinghouse (PRC) data breach chronology, we segment geographical groups using unsupervised cluster analysis, and utilize a covariate-dependent probability to model zero losses, finite mixture distributions for moderate body and an extreme value distribution for large losses capturing the heavy-tailed nature of the loss data. Parameters and coefficients are estimated using the Expectation-Maximization (EM) algorithm. Combining with our frequency model (generalized linear mixed model) for data breaches, aggregate loss distributions are investigated and applications on cyber insurance pricing and risk management are discussed.

 References

[1]  Gartner Research (2018) Forecast Analysis: Information Security, Worldwide, 2Q18 Update. Gartner Research.
[2]  AXA (2019) AXA & Eurasia Group Future Risks Report. AXA.
[3]  (2020) IBM: Cost of a Data Breach Report. Computer Fraud & Security, 2021.
https://doi.org/10.1016/S1361-3723(21)00082-8
[4]  Leswing, K. (2020) Twitter Hackers Who Targeted Elon Musk and Others Received $121,000 in Bitcoin, Analysis Shows. CNBC TECH.
https://www.cnbc.com/2020/07/16/twitter-hackers-made-121000-in-bitcoin-analysis-shows.html
[5]  Marriott (2020) Marriott International Notifies Guests of Property System Incident. Marriott International News Center.
https://news.marriott.com/news/2020/03/31/marriott-international-notifies-guests-of-property-system-incident
[6]  Equifax (2017) Equifax acquires data-crédito.
https://investor.equifax.com/news-events/press-releases/detail/1221/equifax-acquires-data-crdito
[7]  Michael, A.B. (2020) Exposure Measures for Pricing and Analyzing the Risks in Cyber Insurance. Casualty Actuarial Society and Society of Actuaries.
[8]  Farley, J. (2022) The Cyber Insurance Market Struggles with Continued Hardening Market Conditions. Gallagher.
[9]  Malavasi, M., Gareth, P., Shevchenko, P.V., Trück, S., Jang, J. and Sofronov, G. (2021) Cyber Risk Frequency, Severity and Insurance Viability. (Preprint)
https://doi.org/10.2139/ssrn.3940329
[10]  Sun, H., Xu, M. and Zhao, P. (2021) Modeling Malicious Hacking Data Breach Risks. North American Actuarial Journal, 25, 484-502.
https://doi.org/10.1080/10920277.2020.1752255
[11]  Farkas, S., Lopez, O. and Thomas, M. (2021) Cyber Claim Analysis Using Generalized Pareto Regression Trees with Applications to Insurance. Insurance: Mathematics and Economics, 98, 92-105.
https://doi.org/10.1016/j.insmatheco.2021.02.009
[12]  McNeil, A.J. (1997) Estimating the Tails of Loss Severity Distributions Using Extreme Value Theory. ASTIN Bulletin: The Journal of the IAA, 27, 117-137.
https://doi.org/10.2143/AST.27.1.563210
[13]  Allen, D.E., Singh, A.K. and Powell, R.J. (2013) EVT and Tail-Risk Modelling: Evidence from Market Indices and Volatility Series. The North American Journal of Economics and Finance, 26, 355-369.
https://doi.org/10.1016/j.najef.2013.02.010
[14]  Park, M.H. and Kim, J.H.T. (2016) Estimating Extreme Tail Risk Measures with Generalized Pareto Distribution. Computational Statistics & Data Analysis, 98, 91-104.
https://doi.org/10.1016/j.csda.2015.12.008
[15]  Beirlant, J., Goegebeur, Y., Segers, J. and Teugels, J.L. (2004) Statistics of Extremes: Theory and Applications. John Wiley & Sons, Hoboken.
https://doi.org/10.1002/0470012382
[16]  Klugman, S.A., Panjer, H.H. and Willmot, G.E. (2012) Loss Models: Further Topics. John Wiley & Sons, Hoboken.
https://doi.org/10.1002/9781118787106
[17]  Reynkens, T., Verbelen, R., Beirlant, J. and Antonio, K. (2017) Modelling Censored Losses Using Splicing: A Global Fit Strategy with Mixed Erlang and Extreme Value Distributions. Insurance: Mathematics and Economics, 77, 65-77.
https://doi.org/10.1016/j.insmatheco.2017.08.005
[18]  Gan, G. and Valdez, E.A. (2018) Fat-Tailed Regression Modeling with Spliced Distributions. North American Actuarial Journal, 22, 554-573.
https://doi.org/10.1080/10920277.2018.1462718
[19]  Tzougas, G., Vrontos, S. and Frangos, N. (2014) Optimal Bonus-Malus Systems Using Finite Mixture Models. ASTIN Bulletin: The Journal of the IAA, 44, 417-444.
https://doi.org/10.1017/asb.2013.31
[20]  Sattayatham, P. and Talangtam, T. (2012) Fitting of Finite Mixture Distributions to Motor Insurance Claims. Journal of Mathematics and Statistics, 8, 49-56.
https://doi.org/10.3844/jmssp.2012.49.56
[21]  Bernardi, M., Maruotti, A. and Petrella, L. (2012) Skew Mixture Models for Loss Distributions: A Bayesian Approach. Insurance: Mathematics and Economics, 51, 617-623.
https://doi.org/10.1016/j.insmatheco.2012.08.002
[22]  Miljkovic, T. and Grün, B. (2016) Modeling Loss Data Using Mixtures of Distributions. Insurance: Mathematics and Economics, 70, 387-396.
https://doi.org/10.1016/j.insmatheco.2016.06.019
[23]  Gui, W., Huang, R. and Lin, X.S. (2018) Fitting the Erlang Mixture Model to Data via a GEM-CMM Algorithm. Journal of Computational and Applied Mathematics, 343, 189-205.
https://doi.org/10.1016/j.cam.2018.04.032
[24]  Fung, T.C., Badescu, A.L. and Lin, X.S. (2019) A Class of Mixture of Experts Models for General Insurance: Theoretical Developments. Insurance: Mathematics and Economics, 89, 111-127.
https://doi.org/10.1016/j.insmatheco.2019.09.007
[25]  Fung, T.C., Badescu, A.L. and Lin, X.S. (2019) A Class of Mixture of Experts Models for General Insurance: Application to Correlated Claim Frequencies. ASTIN Bulletin: The Journal of the IAA, 49, 647-688.
https://doi.org/10.1017/asb.2019.25
[26]  Sun, M. and Lu, Y. (2022) A Generalized Linear Mixed Model for Data Breaches and Its Application in Cyber Insurance. Risks, 10, Article 224.
https://doi.org/10.3390/risks10120224
[27]  Bell, G. and Ebert, M. (2015) Health Care and Cyber Security: Increasing Threats Require Increased Capabilities. KPMG.
[28]  Williams, P.A.H. and Woodward, A.J. (2015) Cybersecurity Vulnerabilities in Medical Devices: A Complex Environment and Multifaceted Problem. Medical Devices: Evidence and Research, 8, 305-316.
https://doi.org/10.2147/MDER.S50048
[29]  Roberts, S.J. (1997) Parametric and Non-Parametric Unsupervised Cluster Analysis. Pattern Recognition, 30, 261-272.
https://doi.org/10.1016/S0031-3203(96)00079-9
[30]  Likas, A., Vlassis, N. and Verbeek, J.J. (2003) The Global k-Means Clustering Algorithm. Pattern Recognition, 36, 451-461.
https://doi.org/10.1016/S0031-3203(02)00060-2
[31]  Johnson, S.C. (1967) Hierarchical Clustering Schemes. Psychometrika, 32, 241-254.
https://doi.org/10.1007/BF02289588
[32]  Bholowalia, P. and Kumar, A. (2014) EBK-Means: A Clustering Technique Based on Elbow Method and K-Means in WSN. International Journal of Computer Applications, 105, 17-24.
[33]  Agrawal, R., Faloutsos, C. and Swami, A. (1993) Efficient Similarity Search in Sequence Databases. In: Lomet, D.B., Eds., FODO 1993: Foundations of Data Organization and Algorithms, Lecture Notes in Computer Science, Vol. 730, Springer, Berlin, 69-84.
https://doi.org/10.1007/3-540-57301-1_5
[34]  Peel, D. and MacLahlan, G. (2000) Finite Mixture Models. John & Sons, Hoboken.
https://doi.org/10.1002/0471721182
[35]  Hasselblad, V. (1969) Estimation of Finite Mixtures of Distributions from the Exponential Family. Journal of the American Statistical Association, 64, 1459-1471.
https://doi.org/10.1080/01621459.1969.10501071
[36]  Yee, T.W. (2015) Vector Generalized Linear and Additive Models: With an Implementation in R. Springer, Berlin.
[37]  Nelder, J.A. and Wedderburn, R.W.M. (1972) Generalized Linear Models. Journal of the Royal Statistical Society: Series A (General), 135, 370-384.
https://doi.org/10.2307/2344614
[38]  Dempster, A.P., Laird, N.M. and Rubin, D.B. (1977) Maximum Likelihood from Incomplete Data via the EM Algorithm. Journal of the Royal Statistical Society: Series B (Methodological), 39, 1-22.
https://doi.org/10.1111/j.2517-6161.1977.tb01600.x
[39]  McCullagh, P. and Nelder, J.A. (2019) Generalized Linear Models. Routledge, New York.
https://doi.org/10.1201/9780203753736
[40]  Gan, G. and Valdez, E.A. (2018) Regression Modeling for the Valuation of Large Variable Annuity Portfolios. North American Actuarial Journal, 22, 40-54.
https://doi.org/10.1080/10920277.2017.1366863
[41]  Bühlmann, H. (2007) Mathematical Methods in Risk Theory. Springer Science & Business Media, Berlin.
[42]  Jacobs, J. (2014) Analyzing Ponemon Cost of Data Breach. Data Driven Security, 11, 5.
[43]  Financial Services Varonis (2021) 2021 Financial Services Data Risk Report.
[44]  Marsh McLennan (2021) Cyber Insurance Market Overview: Fourth Quarter 2021. Marsh Cyber Risk Report.
https://www.marsh.com/us/services/cyber-risk/insights/cyber-insurance-market-overview-q4-2021.html

Full-Text

comments powered by Disqus

Contact Us

service@oalib.com

QQ:3279437679

WhatsApp +8615387084133

WeChat 1538708413