TY - JOUR

T1 - Exact Insurance Premiums for Cyber Risk of Small and Medium-Sized Enterprises

AU - Chiaradonna, Stefano

AU - Lanchier, Nicolas

N1 - Funding Information:
This work is partially supported by National Science Foundation under grant CNS-2000792
Publisher Copyright:
©

PY - 2022

Y1 - 2022

N2 - As cyber attacks have become more frequent, cyber insurance premiums have increased, resulting in the need for better modeling of cyber risk. Toward this direction, Jevti and Lanchier [Insur. Math. Econ. 91 (2020) 209 223] proposed a dynamic structural model of aggregate loss distribution for cyber risk of small and medium-sized enterprises under the assumption of a tree-based local-area-network topology that consists of the combination of a Poisson process, homogeneous random trees, bond percolation processes, and cost topology. Their model assumes that the contagion spreads through the edges of the network with the same fixed probability in both directions, thus overlooking a dynamic cyber security environment implemented in most networks, and their results give an exact expression for the mean of the aggregate loss but only a rough upper bound for the variance. In this paper, we consider a bidirectional version of their percolation model in which the contagion spreads through the edges of the network with a certain probability of moving toward the lower level assets of the network but with another probability of moving toward the higher level assets of the network, which results in a more realistic cyber security environment. In addition, our mathematical approach is quite different and leads to exact expressions for both the mean and the variance of the aggregate loss, and therefore an exact expression for the insurance premiums.

AB - As cyber attacks have become more frequent, cyber insurance premiums have increased, resulting in the need for better modeling of cyber risk. Toward this direction, Jevti and Lanchier [Insur. Math. Econ. 91 (2020) 209 223] proposed a dynamic structural model of aggregate loss distribution for cyber risk of small and medium-sized enterprises under the assumption of a tree-based local-area-network topology that consists of the combination of a Poisson process, homogeneous random trees, bond percolation processes, and cost topology. Their model assumes that the contagion spreads through the edges of the network with the same fixed probability in both directions, thus overlooking a dynamic cyber security environment implemented in most networks, and their results give an exact expression for the mean of the aggregate loss but only a rough upper bound for the variance. In this paper, we consider a bidirectional version of their percolation model in which the contagion spreads through the edges of the network with a certain probability of moving toward the lower level assets of the network but with another probability of moving toward the higher level assets of the network, which results in a more realistic cyber security environment. In addition, our mathematical approach is quite different and leads to exact expressions for both the mean and the variance of the aggregate loss, and therefore an exact expression for the insurance premiums.

KW - Aggregate loss

KW - Bond percolation

KW - Cyber risk

KW - Galton-Watson tree

KW - Insurance premium

UR - http://www.scopus.com/inward/record.url?scp=85141308166&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85141308166&partnerID=8YFLogxK

U2 - 10.1051/mmnp/2022041

DO - 10.1051/mmnp/2022041

M3 - Article

AN - SCOPUS:85141308166

VL - 17

JO - Mathematical Modelling of Natural Phenomena

JF - Mathematical Modelling of Natural Phenomena

SN - 0973-5348

M1 - 40

ER -