Graduation Term

2024

Degree Name

Master of Science (MS)

Department

Department of Mathematics

Committee Chair

Maochao Xu

Abstract

In an era where cyber risks are escalating at an unprecedented rate, understanding andmitigating data breach risks has become critical for organizations. This paper proposes a novel frequency-severity model to assess hacking data breach risks at the individual company level, focusing on the Finance, Healthcare, and Technology sectors. Our anal- ysis reveals significant heterogeneity in breach frequencies and severities across sectors and individual companies within those sectors. To model breach frequency, we employ a Zero-Inflated Poisson (ZI-Poisson) model with random effects, capturing unobserved heterogeneity and within-firm correlations over time. Breach severity is modeled using a log-normal regression, given the symmetrical distribution of severity after logarithmic transformation. The dependence between frequency and severity is addressed using a Rotated 90° Clayton copula, effectively capturing the modest yet significant negative correlation. Our findings indicate that the proposed model outperforms traditional mod- els in predictive accuracy, as demonstrated by in-sample and out-of-sample evaluations. This model’s superior performance underscores its potential for providing more precise risk assessments and tailored risk management strategies. However, the study acknowl- edges several limitations, including the assumption of independence within sectors, the fixed variance-covariance structure of random effects, and the reliance on publicly re- ported data, which may not capture all breach incidents. Future research should focus on enhancing the flexibility of random effects, expanding datasets through improved data collection practices, and exploring advanced copula models to better capture dynamic dependencies.

Keywords: Data Breach; Cyber Risk; Frequency; Severity; Copula

Access Type

Thesis-Open Access

DOI

https://doi.org/10.30707/ETD2024.20240827063557820898.999969

Download

Share

COinS