Abstract
In the last decades companies worldwide are facing a new kind of risk,
namely cyber risk, that has emerged as one of the top challenges in risk
management. Insurance was only recently applied to cyber world and
it is increasingly becoming part of the risk management process, posing
many challenges to actuaries. One of the main issues is the lack of data,
in particular nancial ones. The aim of the paper is to point out the
peculiarities of cyber insurance contracts with respect to the classical non
life insurance ones both from the insurer and the insured's perspective.
Therefore, the main actuarial principles that are fundamental to any valu-
ation in cyber context are discussed. An illustrative example is proposed
where the Chronology of Data Breaches provided by the Privacy Rights
Clearing House is deeply analyzed. The most suitable distributions to
represent the frequency and the severity of the reported cyber incidents
are examined and the value at risk measure is estimated. Then, two ex-
emplifying cases oer the assessment of both the premium required by
the insurer and the indierence premium that the insured is willing to
pay. Even though this research is still preliminary and shows some limits
highlighted by the authors, it could offer useful information to better un-
derstand this peculiar kind of insurance policies.
Anno
2019
Autori IAC
Tipo pubblicazione
Altri Autori
Maria Francesca Carfora, Fabio Martinelli, Francesco Mercaldo, Albina Orlando
Editore
Incisive Media,
Rivista
The journal of operational risk