A Multivariate Model to Quantify and Mitigate Cybersecurity Risk

Bentley, Mark; Stephenson, Alec; Toscas, Peter; Zhu, Zhen

doi:10.3390/risks8020061

Cited by 15 publications

(11 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Looking at literature on cyber security, with regard to frequency, it is generally modeled by either a Poisson or a negative binomial distribution (Eling and Loperfido 2017). (Bentley et al 2020) suggest that a suitable way to model the effect of mitigation on the frequency of attacks, is to resort to a Poisson process.…”

Section: The Role Of Cyber Value At Riskmentioning

confidence: 99%

Section: The Role Of Cyber Value At Riskmentioning

confidence: 99%

“…Another issue concerns the dependability structure of losses, requiring a model able to deal with various, but dependent, classes of damages (Bentley et al 2020). In order to model dependency structure, copulas are commonly used (Bentley et al 2020;Eling and Jung 2018). Recent actuarial studies focus on modelling the dependence between the claim frequency and the average severity (Alemany et al 2021).…”

Section: The Role Of Cyber Value At Riskmentioning

confidence: 99%

“…Another critical issue is the estimation of mitigation effects of investments in security. Bentley et al (2020) propose an interesting model for mitigation that targets frequency and severity separately.…”

Section: Cyber Value At Risk In the Valuation Of Information Security Investmentsmentioning

confidence: 99%

See 3 more Smart Citations

Cyber Risk Quantification: Investigating the Role of Cyber Value at Risk

Orlando

2021

Risks

View full text Add to dashboard Cite

The aim of this paper is to deepen the application of value at risk in the cyber domain, with particular attention to its potential role in security investment valuation. Cyber risk is a fundamental component of the overall risk faced by any organization. In order to plan the size of security investments and to estimate the consequent risk reduction, managers strongly need to quantify it. Accordingly, they can decide about the possibility of sharing residual risk with a third party, such as an insurance company. Recently, cyber risk management techniques are including some risk quantile-based measures that are widely employed in the financial domain. They refer to value at risk that, in the cyber context, takes the name of cyber value at risk (Cy-VaR). In this paper, the main features and challenging issues of Cy-VaR are examined. The possible use of this risk measure in supporting investment decisions in cyber context is discussed, and new risk-based security metrics are proposed. Some simple examples are given to show their potential.

show abstract

Section: The Role Of Cyber Value At Riskmentioning

confidence: 99%

Section: The Role Of Cyber Value At Riskmentioning

confidence: 99%

Section: The Role Of Cyber Value At Riskmentioning

confidence: 99%

Section: Cyber Value At Risk In the Valuation Of Information Security Investmentsmentioning

confidence: 99%

See 2 more Smart Citations

Cyber Risk Quantification: Investigating the Role of Cyber Value at Risk

Orlando

2021

Risks

View full text Add to dashboard Cite

show abstract

“…It should be mentioned, that operators providing intelligent public transport services don't spend sufficient financial sources on development, 4 security and maintenance of security systems. 5 For that reason are state departments and agencies adopting measures for mitigation, planning and 1 Cyber attack is defined as "attack on IT infrastructure in order to cause damage, or to obtain sensitive or strategically important information" (Jirásek, P., Novák, L., Požár, J. (2015) Výkladový slovník Kybernetické bezpečnosti, Prague: PA CR in Prague, Czech branch of AFCEA, p. 71).…”

Section: Introductionmentioning

confidence: 99%

Insurance of Cyber Risks in International Transport

Dobiáš

2022

MUJLT

View full text Add to dashboard Cite

The international transport of goods, passengers and luggage is recently facing the threat of cyberattacks. The article is focused on the analysis of the possible cyber risks in the field of the international transport and their management created by the international governmental and non-governmental organisations. The international regulation of the cybersecurity has only recommendatory character and will be subject to future development. That’s the reason why should carriers pay greater attention to all possible cyber security measures. As the instrument of the reduction and mitigation of cyber risks could be used cyber-insurance. The insurance companies are offering insurance cover mainlyon individual base corresponding to the extent of protection required by the policyholder.

show abstract

Cyber Risk: Estimates for Malicious and Negligent Breaches Distributions

Carfora

Orlando

2022

Mathematical and Statistical Methods for Actuarial Sciences and Finance

View full text Add to dashboard Cite

A Multivariate Model to Quantify and Mitigate Cybersecurity Risk

Cited by 15 publications

References 29 publications

Cyber Risk Quantification: Investigating the Role of Cyber Value at Risk

Cyber Risk Quantification: Investigating the Role of Cyber Value at Risk

Insurance of Cyber Risks in International Transport

Cyber Risk: Estimates for Malicious and Negligent Breaches Distributions

Contact Info

Product

Resources

About