Award ID contains: 1652610


  1. Insurance premiums reflect expectations about the future losses of each insured. Given the dearth of cyber security loss data, market premiums could shed light on the true magnitude of cyber losses despite noise from factors unrelated to losses. To that end, we extract cyber insurance pricing information from the regulatory filings of 26 insurers. We provide empirical observations on how premiums vary by coverage type, amount, and policyholder type and over time. A method using particle swarm optimisation and the expected value premium principle is introduced to iterate through candidate parameterised distributions with the goal of reducing error in predicting observed prices. We then aggregate the inferred loss models across 6,828 observed prices from all 26 insurers to derive the County Fair Cyber Loss Distribution. We demonstrate its value in decision support by applying it to a theoretical retail firm with annual revenue of $50M. The results suggest that the expected cyber liability loss is $428K and that the firm faces a 2.3% chance of experiencing a cyber liability loss between $100K and $10M each year. The method and resulting estimates could help organisations better manage cyber risk, regardless of whether they purchase insurance.
  2. We examine approximately nine months of data on losses from business email compromise (BEC) reported to the FBI’s Internet Crime Complaint Center in 2017. We describe the empirically observed loss distribution. We study differences in the amounts attempted stolen when the attacks were successful or not. We show that money stolen and transmitted internationally is less likely to be recovered. We also find, somewhat surprisingly, that illicit transfers to in-state banks are also more likely to succeed. Finally, we study state-level differences among BEC target selection and asset recovery.
  3. We identify over a quarter of a million domains used by medium and large companies within the .com registry. We find that for around 7% of these companies very similar domain names have been registered with character changes that are intended to be indistinguishable at a casual glance. These domains would be suitable for use in Business Email Compromise frauds. Using historical registration and name server data we identify the timing, rate, and movement of these look-alike domains over a ten year period. This allows us to identify clusters of registrations which are quite clearly malicious and show how the criminals have moved their activity over time in response to countermeasures. Although the malicious activity peaked in 2016, there is still sufficient ongoing activity to cause concern.
  4. The actuarially fair insurance premium reflects the expected loss for each insured. Given the dearth of cyber security loss data, market premiums could shed light on the true magnitude of cyber losses despite noise from factors unrelated to losses. To that end, we extract cyber insurance pricing information from the regulatory filings of 26 insurers. We provide empirical observations on how premiums vary by coverage type, amount, policyholder type, and over time. A method using Particle Swarm Optimization is introduced to iterate through candidate parameterized distributions with the goal of reducing error in predicting observed prices. We then aggregate the inferred loss models across 6,828 observed prices from all 26 insurers to derive the County Fair Cyber Loss Distribution. We demonstrate its value in decision support by applying it to a theoretical retail firm with annual revenue of $50M. The results suggest that the expected cyber liability loss is $428K, and that the firm faces a 2.3% chance of experiencing a cyber liability loss between $100K and $10M each year. The method could help organizations better manage cyber risk, regardless of whether they purchase insurance.