Abstract

Data breaches have increased noticeably since 2021, notwithstanding the efforts of regulatory bodies to strengthen cybersecurity measures to protect health information. We provide a modelling framework that assesses the risk of private health data breaches, focusing on the data sets compiled by the Privacy Rights Clearinghouse and the U.S. Department of Health and Human Services. We show that the counting process of the data-breach incidents is adequately modelled by the Markov-modulated non-homogeneous Poisson process (MMNPP), whilst the logarithm of the breach sizes is well captured by the generalised Pareto distribution. The cyber insurance premium per institution and two risk measures, Value-at-Risk (VaR) and Average VaR, are obtained. The computed results indicate that cyber insurance policies with longer maturity are more cost-effective. A comprehensive analysis, parameter estimation and implementation of the MMNPP to model cyber risks are underscored as the principal contributions of this research. Some implications for practitioners in handling the modelling of data breaches for a group of institutions are given.
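The model structure named in the abstract can be sketched as a Monte Carlo simulation. This is an added example, not code from the paper: the two-regime chain, the exponential trend in the intensity, every parameter value, and the choice of total records breached as the loss variable are assumptions made here for illustration.

```python
import bisect, math, random

# All parameters below are constructed for illustration; none come from the paper.
Q_EXIT = [0.5, 1.0]      # assumed exit rate of each hidden regime (two states, per year)
BASE = [20.0, 60.0]      # assumed regime-dependent base intensity (breaches per year)
TREND = 0.1              # assumed exponential time trend (the non-homogeneous part)
XI, SIGMA, MU = -0.2, 3.0, math.log(500)  # assumed GPD shape, scale, location of log(size)

def intensity(state, t):
    return BASE[state] * math.exp(TREND * t)

def regime_path(T, rng):
    """Hidden Markov chain on [0, T] as a list of (start_time, state)."""
    t, s, path = 0.0, 0, []
    while t < T:
        path.append((t, s))
        t += rng.expovariate(Q_EXIT[s])   # exponential holding time in regime s
        s = 1 - s
    return path

def simulate_arrivals(T, rng):
    """Breach times on [0, T], drawn by thinning a rate-lam_max Poisson process."""
    path = regime_path(T, rng)
    starts = [p[0] for p in path]
    lam_max = max(BASE) * math.exp(TREND * T)   # upper bound on the intensity
    t, arrivals = 0.0, []
    while True:
        t += rng.expovariate(lam_max)
        if t > T:
            return arrivals
        s = path[bisect.bisect_right(starts, t) - 1][1]   # regime active at time t
        if rng.random() < intensity(s, t) / lam_max:
            arrivals.append(t)

def gpd_log_size(rng):
    """Inverse-transform draw of log(breach size) from GPD(XI, SIGMA, MU)."""
    return MU + SIGMA / XI * ((1.0 - rng.random()) ** (-XI) - 1.0)

def risk_measures(T, alpha=0.95, n_paths=2000, seed=1):
    """Monte Carlo VaR and Average VaR of total records breached over [0, T]."""
    rng = random.Random(seed)
    totals = sorted(
        sum(math.exp(gpd_log_size(rng)) for _ in simulate_arrivals(T, rng))
        for _ in range(n_paths))
    k = math.ceil(alpha * n_paths) - 1
    tail = totals[k:]                     # losses at or beyond the alpha-quantile
    return totals[k], sum(tail) / len(tail)

if __name__ == "__main__":
    for T in (1.0, 3.0):
        print(T, risk_measures(T))
```

With a negative shape parameter the log-size has bounded support, so the simulated breach sizes have a finite mean; a positive shape would make the tail average unstable.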
