Electronic Thesis and Dissertation Repository

Thesis Format

Integrated Article


Doctor of Philosophy


Statistics and Actuarial Sciences


Mamon, Rogemar S.


The growing demand for cyber insurance, which serves as a crucial vehicle for businesses' cyber risk management, is precipitated by the increasing number of incidents of cyberattacks and the corresponding legislative developments. As the cyber insurance market is hardening, risk insurers are faced with the challenge of reasonably pricing their products, particularly stand-alone policies. In this thesis, a pricing framework is established to benefit insurance carriers in the valuation of cyber insurance products and regulators in connection with reserving for cyber losses. Specifically, a hidden Markov model, driving certain factors of cyber risk dynamics, is used to calibrate the counting process for cyber incidents. Three self-contained but closely linked research undertakings in developing methodologies for cyber-risk analyses are presented in this thesis.

The first research study puts forward a valuation framework in which cyber-attack occurrences are captured by a regime-switching model driven by a Markov process that transitions in a three-state cyber kill chain. The estimator for the transition matrix is calculated utilising the change of reference probability measures along with the EM algorithm. The cyber insurance premium is then computed based on the random total losses, which are assumed to follow the doubly truncated Pareto distribution. The Vasiček model describes the interest-rate process for discounting.

In our second research investigation, a modelling framework is proposed for the risk assessment of private health data breaches. Our investigation focuses on the data sets compiled by the Privacy Rights Clearinghouse and the U.S. Department of Health and Human Services. The counting process for the data-breach incidents is shown to be adequately modelled by the Markov-modulated non-homogeneous Poisson process (MMNPP) whilst the logarithm of the breach sizes is well-captured by the generalised Pareto distribution. We compute the cyber insurance premium at the institution level as well as both the Value-at-Risk (VaR) and Average VaR metrics. Our results indicate that cyber insurance policies with longer maturity are more cost-effective. This contribution advances the parameter estimation and implementation of the MMNPP in the context of cyber risk modelling.

The third research work extends the MMNPP model by constructing robust filter-based and smoother-based EM algorithms. In contrast to the usual EM algorithm for the maximum likelihood estimation, the filtering and smoothing-driven algorithms are more efficient and can incorporate new information into the parameter estimates in real time. A numerical demonstration of the MMNPP is carried out using the HHS data. To compare the three EM algorithms, we conduct a comprehensive simulation-based analysis with respect to the algorithms' efficiency, partition size, data size, intensity difference, regime occurrences impacted by transition rates, and the number-of-regimes selection. The comparative-analysis results together with the various heuristics for detailed implementation provide practical guidance to the end users of MMNPP.

Summary for Lay Audience

Cyber risk is the threat of digital attacks on information and technology systems, company networks, and computing programs. This peril could result in huge financial losses arising from breaches of sensitive information, money extortion involving business clients, and online-service interruptions. Instituting cybersecurity strategies is becoming more difficult considering that digital-crime perpetrators are also getting more sophisticated in circumventing safeguards and defences against cyberattacks. From the operational standpoint, there are also billions of internet-of-things devices, and anything connected could be hacked. Thus, businesses of all types and sizes, especially those employing e-commerce, will likely be impacted by future cyber events. A cyber insurance policy is therefore now a necessity as a matter of risk mitigation in diligently protecting the interests of businesses and individuals. The valuation and quantification of cyber risk in an insurance policy, along with appropriate coverage and what is deemed right for a specific need, is a central concern in actuarial science.

This thesis, by way of three coherent research investigations pertinent to the modelling of cyber risk, contributes to the development of new methodologies to price and manage cyber insurance contracts. Our results will be of direct benefit to insurance policy issuers and regulatory bodies as advanced economies combat this greatest risk. The novelty of our research is the customisation and implementation of certain approaches interspersed with a hidden Markov model to accurately capture the counting process for cyber incidents and its relevant statistics. Different calibration procedures via filtering, smoothing and hybridisation of existing algorithms, together with a comparative algorithm analysis, also accentuate our research innovation in providing real-time updates for model parameter estimates.

Available for download on Friday, April 04, 2025