Hua, Lei, and Maochao Xu. 2021. “Pricing Cyber Insurance for a Large-Scale Network.” Variance 14 (2).
• Table 1. Effects of network topology on risk assessments
• Figure 1. Infected nodes over time, cases A, B, and C
• Figure 2. Histograms of the natural logarithm of accumulated infected nodes × month, cases A, B, and C
• Figure 3. Infected nodes over time, cases D and E
• Figure 4. Histogram of the natural logarithm of accumulated infected nodes × month, cases D and E
• Figure 5. Scatter plots of standardized covariates
• Table 2. Estimates of the regression coefficients for Tinf; the reference level of the categorical variable is Ninf0 = 1
• Table 3. ANOVA analysis for Tinf
• Table 4. Estimates of the regression coefficients for Nrec
• Table 5. Type III analysis for Nrec
• Table 6. ANOVA table for Tinf: case study with all variables included
• Table 7. ANOVA table for Tinf: case study with the candidate model
• Table 8. Estimates for Tinf: case study with the candidate model
• Table 9. Type III analysis for Nrec: case study with all variables included
• Table 10. Type III analysis for Nrec: case study with candidate model
• Table 11. Estimates for Nrec: case study with candidate model
• Figure 6. Scatter plots for Tinf and Nrec in the case study
• Table 12. Predicted Tinf and Nrec and the expected total loss in the case study
• Figure 7. Illustration of elapsed time $$\left\{ t_{j_{s}} \right\}$$ and τ
• Figure 8. Evolution of infection and recovery

## Abstract

To address the lack of cyber insurance loss data, we propose an innovative approach to pricing cyber insurance for a large-scale network using synthetic data. The synthetic data is generated by the proposed risk-spreading and risk-recovering algorithm. The algorithm allows the sequential occurrence of infection and recovery events, and it allows the dependence of the random waiting time to infection for different nodes. The scale-free network framework is adopted to account for the uncertain topology of the random large-scale network. Extensive simulation studies are conducted to understand the risk-spreading and risk-recovering mechanism and to uncover the most important underwriting risk factors. A case study is also presented to demonstrate that the proposed approach and algorithm can be adapted to provide reference for cyber-insurance pricing.

This paper was funded by the 2017 Individual Grants Competition funded by the Society of Actuaries and the Casualty Actuarial Society.

Accepted: February 15, 2020 EDT