Pemodelan dan Perhitungan Premi Asuransi Keamanan Siber dengan Model Non-Markov

Ivander Jeremy, Felivia Kusnadi, Benny Yong

Abstract


The development of information and communication technology not only has positive impacts, but also negative impacts, especially in the cybersecurity sector. Insurance companies need to create a relatively new insurance product, namely cybersecurity insurance. However, development of cybersecurity insurance still needs further investigation because there is no standard actuarial table like mortality table in life insurance. This article will discuss the modeling of infection and recovery process of a node and various other connected nodes in a computer network of the company using non-Markov model in the case of absence of dependence between cybersecurity risks, applying the Monte Carlo simulation method to obtain experimental data with various distributions – Weibull, Lognormal, and Inverse Gaussian – for the calculation of premium charged by insurance companies to insured companies interested in purchasing cybersecurity insurance products. Standard deviation premium principle and exponential utility premium principle are used to calculate premium. We concluded that the infection and recovery time with a long-tailed distribution has a lower premium price compared to those with a short-tailed distribution.


Keywords


cybersecurity insurance; non-Markov model; Monte Carlo simulation

Full Text:

PDF

References


J. M. Lemnitzer, “Why cybersecurity insurance should be regulated and compulsory,” J. Cyber Policy, vol. 6, no. 2, pp. 118–136, 2021.

Y. Zhao and L. Jones, “Integrating Human Reasoning and Machine Learning to Classify Cyber Attacks,” Advers. Learn. Tech. Trends Cybersecurity, pp. 147–165, 2021.

M. Carfora, F. Martinelli, F. Mercaldo, and A. Orlando, “Cyber risk management: An actuarial point of view,” J. Oper. Risk, vol. 14, no. 4, 2019.

M. Xu and L. Hua, “Cybersecurity Insurance: Modeling and Pricing,” North Am. Actuar. J., vol. 23, no. 2, pp. 220–249, 2019, doi: 10.1080/10920277.2019.1566076.

T. Kosub, “Components and challenges of integrated cyber risk management,” Zeitschrift fur die gesamte Versicherungswiss., vol. 104, no. 5, pp. 615–634, 2015, doi: 10.1007/s12297-015-0316-8.

G. A. Schwartz and S. S. Sastry, “Cyber-insurance framework for large scale interdependent networks,” HiCoNS 2014 - Proc. 3rd Int. Conf. High Confid. Networked Syst. (Part CPS Week), pp. 145–153, 2014, doi: 10.1145/2566468.2566481.

B. Edwards, S. Hofmeyr, and S. Forrest, “Hype and heavy tails: A closer look at data breaches,” J. Cybersecurity, vol. 2, no. 1, pp. 3–14, 2016.

K. Awiszus, T. Knispel, I. Penner, G. Svindland, A. Voß, and S. Weber, “Modeling and Pricing Cyber Insurance,” 2021.

R. Kaas, M. Goovaerts, J. Dhaene, and M. Denuit, Modern Actuarial Risk Theory. 2008.

M. Chudziak and M. Żołdak, “On Extendability of the Principle of Equivalent Utility,” Symmetry (Basel)., vol. 12, no. 1, p. 42, 2019.

G. Trenkler, “Continuous univariate distributions,” Comput. Stat. Data Anal., vol. 21, no. 1, p. 119, 1996, doi: 10.1016/0167-9473(96)90015-8.

J. Rojo, “On Tail Categorization of Probability Laws,” J. Am. Stat. Assoc., vol. 91, no. 433, pp. 378–384, 2014.




DOI: http://dx.doi.org/10.12962/limits.v19i2.9000

Refbacks

  • There are currently no refbacks.


Jumlah Kunjungan:

Creative Commons License
Limits: Journal Mathematics and its Aplications by Pusat Publikasi Ilmiah LPPM Institut Teknologi Sepuluh Nopember is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Based on a work at https://iptek.its.ac.id/index.php/limits.