Shah, Anand
(2016):
*Pricing and Risk Mitigation Analysis of a Cyber Liability Insurance using Gaussian, t and Gumbel Copulas – A case for Cyber Risk Index.*

Preview |
PDF
MPRA_paper_111968.pdf Download (4MB) | Preview |

## Abstract

Cyber risk, a type of operational risk, is today considered a key component in the enterprise risk management framework. Under BASEL regulations, a bank could recognize the risk mitigating impact of the Cyber Liability Insurance (CLI) contract while calculating the minimum operational risk capital requirement. Despite this benefit and the onerous data protection acts, organizations are still reluctant to buy CLI contracts. In this work, we price and analyze a CLI contract using Gaussian, t and Gumbel copulas and evaluate the contract’s cyber risk mitigation effectiveness. We find that the current structure of the CLI contract with the limits and sub-limits may be inefficient at mitigating the cyber risk especially if the cyber risk losses were correlated and showed upper tail dependency. We then propose a case for a traded index for the cyber risk similar to the Property Claim Services (PCS) index for the catastrophic risk. A traded cyber risk index could offer wider cyber risk hedging alternatives to the insurers. Given such risk hedging alternatives, the insurers may have lower impetus to set conservative limits in the CLI contracts thus making the contracts more effective in mitigating the cyber risk of the organizations.

Item Type: | MPRA Paper |
---|---|

Original Title: | Pricing and Risk Mitigation Analysis of a Cyber Liability Insurance using Gaussian, t and Gumbel Copulas – A case for Cyber Risk Index |

Language: | English |

Keywords: | Interplay between finance and Insurance, cyber risk index, cyber liability insurance pricing, Gaussian, t and Gumbel copulas, operational risk, value at risk (VaR), conditional tail expectation (CTE), BASEL regulations, pricing of contingent claims in incomplete markets, Monte Carlo simulations |

Subjects: | G - Financial Economics > G1 - General Financial Markets > G13 - Contingent Pricing ; Futures Pricing G - Financial Economics > G2 - Financial Institutions and Services > G21 - Banks ; Depository Institutions ; Micro Finance Institutions ; Mortgages G - Financial Economics > G2 - Financial Institutions and Services > G22 - Insurance ; Insurance Companies ; Actuarial Studies G - Financial Economics > G2 - Financial Institutions and Services > G28 - Government Policy and Regulation |

Item ID: | 111968 |

Depositing User: | Anand Shah |

Date Deposited: | 03 Apr 2022 19:08 |

Last Modified: | 03 Apr 2022 19:08 |

References: | Abdessalem M., Ohnishi M.; (2014); Catastrophe Risk Derivatives: A New Approach; Journal of Mathematical Finance; Vol. 4 No. 1; pp. 21-34. Alexander C.; (2008); Practical Financial Econometrics, John Wiley and Sons Ltd. Avanzi B., Cassar L., Wong B.; (2011); Modelling Dependence in Insurance Claims Processes with Levy Copulas, The Institute of Actuaries of Australia, Biennial Convention, Sydney. Bandyopadhyay T., Mookerjee V., Rao R.; (2009); Why IT Managers don’t go for Cyber Insurance Products, Communications of the ACM; Volume 52 Issue 11, November 2009; pp. 68-73. Basel Committee on Banking Supervision; (2006); International Convergence of Capital Measurement and Capital Standards- A Revised Framework; June 2006. Berthold S., Böhme R.; (2009); Valuing privacy with option pricing theory; Workshop on the Economics of Information Security (WEIS) 2009. Biagini, E, Bregman, Y., Meyer-Brandis, T.; Pricing of Catastrophe Insurance Options Written on a Loss Index with Reestimation; Insurance; Mathematics and Economics; Volume 43 Issue 2; pp. 214-222. Biener C., Eling M., Wirfs J.; (2015); Insurability of Cyber Risk: An Empirical Analysis; Working Papers on Risk Management and Insurance No. 151. Bjork T.; (2009); Arbitrage Theory in Continuous Time, Third Edition, Oxford University Press. Böcker K., Klüppelberg C.; (2010); Modelling and Measuring Multivariate Operational Risks with Lèvy Copulas; Quantitative Finance; Volume 10; Issue 8, pp. 855–869. Bohme R., Kataria G.; (2006); Models and Measures for Correlation in Cyber-Insurance; Workshop on the Economics of Insurance Security; 2006. Böhme R., Schwartz G.; (2010); Modeling Cyber-Insurance: Towards A Unifying Framework, Workshop on the Economics of Information Security (WEIS) 2010. Böhme R.; (2005); Cyber-Insurance Revisited, Workshop on the Economics of Information Security (WEIS) 2005. Boucher S., Delpierre M., (2014), The impact of index based insurance on informal risk sharing arrangements, CEPS/INSTEAD, Working Papers no. 2014-13, 36p. Bowers N., Gerber H., Hickmann J., Jones D., Nesbitt C.; (1997); Actuarial Mathematics, 2nd Edition, The Society of Actuaries, Schaumberg, Illinois. Buhlmann H.; (1980); An Economic Premium Principle. Astin Bulletin; Volume 11; pp. 52-60. Buhlmann H.; (2005); Mathematical Methods in Risk Theory, Springer-Verlag. Christensen C.; (1998); The PCS-option, An improvement of the CAT-Future; Center for Analytical Finance, University of Aarhus. Christensen C.; (1999); A New model for pricing catastrophe insurance derivatives; Working Paper Series No. 28, Center for Analytical Finance, University of Aarhus. Christensen C.; (2001); Implied loss distributions for catastrophe insurance derivatives; Working Paper Series No. 80, Center for Analytical Finance, University of Aarhus. Delbaen, F., Haezendonck, J.; (1989); A martingale approach to premium calculation principles in an arbitrage free market. Insurance: Mathematics and Economics 8; pp. 269-277. Demarta S., McNeil A.; 2004; The t Copula and Related Copulas; ETH Zenturm; Federal Institute of Technology. Embrechts P., (1996) Actuarial versus financial pricing of insurance. Paper presented at the conference on Risk Management of Insurance Firms, The Wharton School of the University of Pennsylvania. Embrechts P., (2009); Copulas: A Personal View; Journal of Risk and Insurance; Volume 76; Issue 3; September 2009; pp. 639–650. Embrechts P., Lindskog F., McNeil A.; (2001); Modelling Dependence with Copulas and Applications to Risk Management; Department of Mathematics; ETHZ. Embrechts P., Meister S.; (1997); Pricing Insurance Derivatives, the case of CAT futures; Securitization of Insurance Risk; 1995 Bowles Symposium; SOA Monographs M-F197 -1; pp 15-26. Frees E., Valdez E.; (1997); Understanding Relationships using Copulas; 32nd Actuarial Research Conference; The University of Calgary; Alberta; Canada; August 1997. Fu L., Moncher R.; (2004), Severity Distributions for GLMs: Gamma or Lognormal? Evidence from Monte Carlo Simulations; Casualty Actuarial Society; Discussion paper program. Fusai G., Roncoroni A.; (2008); Implementing Models in Quantitative Finance: Methods and Cases, Springer Verlag. Genest C., MacKay J.; (1986); The Joy of Copulas: Bivariate Distributions with Uniform Marginals; The American Statistician; Volume 40; Issue 4; November 1986; pp. 280-283. Gerber H., Pafumi G.; (1998); Utility function from risk theory to finance; North-American Actuarial Journal. Gerber H., Shiu E.; (1994); Option Pricing by Esscher Transform; Transactions of Society of Actuaries, Volume 46. Gerber H., Shiu E.; (1995); Actuarial Approach to Option Pricing; 5th AFIR International Colloquium; pp. 43-96. Gritzalis, S., Yannacopoulos N., Lambrinoudakis, C., Hatzopoulos P., Katsikas N.; (2007); A probabilistic model for optimal insurance contracts against security risks and privacy violation in IT outsourcing environments, International Journal of Information Security; Vol. 6; pp. 197-211. Herath H., Herath T.; (2011); Copula based actuarial model for pricing cyber-insurance policies; Insurance Markets and Companies: Analyses and Actuarial Computations; Volume 2, Issue 1. Lane M., Movchan O.; (1998); The Perfume of the Premium II; Sedwick Lane Financial; Trade Notes. Linskog F., McNeil A. J.; (2003); Common Poisson Shock models: Application to insurance and credit risk modeling; ASTIN Bulletin Volume 33; Issue 2; pp. 209-238. Mack T.; (1984); Premium Calculation for deductible policies with an aggregate limit; ASTIN Bulletin; Volume 14; Issue 02; pp 105-121. Maillart T., Sornette D.; (2009); Heavy tailed distribution of cyber risks; Physics of Condensed Matter. McNeil A., Frey R., Embrechts P.; (2005) Quantitative Risk Management: Concepts Techniques and Tools; Princeton University Press. Mikosch T.; (2009); Non-Life Insurance Mathematics: An Introduction with the Poisson Processes, 2nd Edition Springer Verlag. Muermann A.; (2003); Actuarially Consistent Valuation of Catastrophe Derivatives, The Wharton Financial Institutions Center; University of Pennsylvania; Working Paper; 03-18. Panjer H.; (2006); Operational risk: Modeling Analytics, John Wiley &Sons. Richards K.; (2014); Is Cyber Insurance worth the Risk, Website: http://searchsecurity.techtarget.com/feature/Is-cyberinsurance-worth-the-risk. Scharf I.; (2014); The Problem with Cyber Insurance, Website: http://www.darkreading.com/risk/the-problem-with-cyber-insurance/a/d-id/1269682. Shah A., Dahake S., Sri Hari Haran J.; (2015); Valuing Data Security and Privacy using Cyber Insurance, Newsletter, ACM SIGCAS Computers and Society, Volume 45 Issue 1, February 2015 pp. 38-41. Tan K., Cai J.; (2008); Optimal retention for a Stop-Loss Reinsurance under VaR and CTE Risk Measures; Insurance: Mathematics and Economics; Volume 43; Issue 1; pp.185-196. Tankon P., Cont R.; (2004), Financial Modeling with Jump Processes, Chapman and Hall, Boca Raton. Venter G., 1991, Premium Calculation implications of reinsurance without arbitrage, ASTIN Bulletin, Volume 2, Issue 02, 1991, pp 223-230. Website AIG: http://www.aig.com/chartis/internet/uk/eni/AIGPROFCYBER%20CyberEdge%20Cyber%20Liability%20Insurance_tcm2538-409823.pdf Website: IT Governance UK, http://www.itgovernance.co.uk/dpa-penalties.aspx#.VJJ84tKUdps World Economic Forum; (2015); Partnering for Cyber Resilience – Towards the Quantification of Cyber Threats, January 2015. Yannacopoulos, N., Lambrinoudakis, C., Gritzalis, S., Xanthopoulos, Z., Katsikas, N.; (2008); Modeling Privacy Insurance Contracts and Their Utilization in Risk Management for ICT Firms, ESORICS 2008, pp. 207-222. |

URI: | https://mpra.ub.uni-muenchen.de/id/eprint/111968 |