| Abstract: | ![]()
Cyber risk due to breach can be seen as a risk of a financial loss due to breach of an institution’s IT infrastructure by unauthorized parties and exploiting, taking possession of, or disclosing data assets, thus creating financial and/or reputation damage. In this paper, as a primary contribution to the existing body of actuarial literature, we propose a structural model of aggregate loss distribution for cyber risk of small and medium-sized enterprises under the assumption of a tree-based LAN topology. Up to our knowledge, there exist no theoretical models of an aggregate loss distribution for cyber risk in this setting. To achieve our goal, we contextualize the problem in the probabilistic graph-theoretical framework using percolation models. We assume that the IT network topology is represented by a random graph allowing for heterogeneous loss topology and providing instructive numerical examples. |
