{"title":"Building up Cyber Resilience by Better Grasping Cyber Risk Via a New Algorithm for Modelling Heavy-Tailed Data","authors":"M. Dacorogna, Nehla Debbabi, M. Kratz","doi":"10.48550/arXiv.2209.02845","DOIUrl":null,"url":null,"abstract":"Cyber security and resilience are major challenges in our modern economies; this is why they are top priorities on the agenda of governments, security and defense forces, management of companies and organizations. Hence, the need of a deep understanding of cyber risks to improve resilience. We propose here an analysis of the database of the cyber complaints filed at the {\\it Gendarmerie Nationale}. We perform this analysis with a new algorithm developed for non-negative asymmetric heavy-tailed data, which could become a handy tool in applied fields. This method gives a good estimation of the full distribution including the tail. Our study confirms the finiteness of the loss expectation, necessary condition for insurability. Finally, we draw the consequences of this model for risk management, compare its results to other standard EVT models, and lay the ground for a classification of attacks based on the fatness of the tail.","PeriodicalId":11868,"journal":{"name":"Eur. J. Oper. Res.","volume":"1 1","pages":"708-729"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Eur. J. Oper. Res.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.48550/arXiv.2209.02845","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
Cyber security and resilience are major challenges in our modern economies; this is why they are top priorities on the agenda of governments, security and defense forces, management of companies and organizations. Hence, the need of a deep understanding of cyber risks to improve resilience. We propose here an analysis of the database of the cyber complaints filed at the {\it Gendarmerie Nationale}. We perform this analysis with a new algorithm developed for non-negative asymmetric heavy-tailed data, which could become a handy tool in applied fields. This method gives a good estimation of the full distribution including the tail. Our study confirms the finiteness of the loss expectation, necessary condition for insurability. Finally, we draw the consequences of this model for risk management, compare its results to other standard EVT models, and lay the ground for a classification of attacks based on the fatness of the tail.