Conference Program Home
  My Program

All Times EDT

Abstract Details

Activity Number: 385 - SPEED: Statistical Methods and Applications in Medical Research, Risk Analysis, and Marketing Part 1
Type: Contributed
Date/Time: Wednesday, August 10, 2022 : 8:30 AM to 10:20 AM
Sponsor: Section on Risk Analysis
Abstract #323137
Title: Correcting Under-Reporting in Cyber Incidents
Author(s): Seema Sangari* and Eric Dallal
Companies: Kennesaw State University and Verisk
Keywords: Cyber Insurance; Cyber Risk; Under-reporting
Abstract:

Under-reporting in cyber incidents is a well-established problem. Due to reputational risk and the consequent financial impact, a large proportion of incidents are never disclosed to the public, especially if they don’t involve a breach of protected data. Generally, the problem of under-reporting is solved through a proportion-based approach, where the level of under-reporting in a data set is determined by comparison to data that is fully reported. In this work, cyber insurance claims data is used as the complete dataset. Unlike most other work, however, our goal is to quantify under-reporting with respect to multiple dimensions: company revenue, industry, and incident categorization. We show that there is a dramatic difference in under-reporting—a factor of 100—as a function of these variables. The output of this work is an under-reporting model that can be used to correct incident frequencies derived from data sets of publicly reported incidents. This diminishes the “barrier to entry” in the development of cyber risk models, making it accessible to researchers who may not have the resources to acquire closely guarded cyber insurance claims data.


Authors who are presenting talks have a * after their name.

Back to the full JSM 2022 program