Actuarial Science and Financial Mathematics seminar series Caroline Hillairet |
Valuation of cyber-insurance derivatives indexed by Hawkes processes.
With the rise of digital economy, cyber risk has become a major concern for public entities, private companies and individuals. The threat of cyber risk is rapidly growing and evolving, making it one of the most important social and economic risks. In France, the ANSSI has announced a rise of 300 % of reported cyber incidents from 2019 to 2020, and no sector is spared.
In this context, we propose a multivariate Hawkes process to model cyber incidents frequency. Based on the Privacy Rights Clearinghouse (PRC) database, we show the ability of Hawkes models to capture self-excitation and interactions of data-breaches depending on their types and targets. Once we have characterized this self-excitation property of cyber claims arrivals, the challenge that arises is to compute valuation formula for cyber insurance contracts and portfolios.
Indeed, in actuarial science, classic models used to describe insurance portfolio relies on the assumptions of the claims arrival being modeled by a Poisson process, and of independence among claim sizes and between claim sizes and claim inter-occurrence times. However, in practice those assumptions are often too restrictive and there is a need for more general models. To achieve this, we provide an expansion formula for Hawkes processes which involves the addition of jumps at deterministic times in the spirit of the integration by parts formula for Poisson functional. Our approach allows us to provide an expansion of the premium of a class of cyber insurance derivatives (such as reinsurance contracts including generalized Stop- Loss contracts) or risk management instruments (like Expected Shortfall) in terms of so-called shifted Hawkes processes. From the actuarial point of view, these processes can be seen as "stressed" scenarios. Our expansion formula for Hawkes processes enables us to provide lower and upper bounds on the premium (or the risk evaluation) of such cyber contracts and to quantify the surplus of premium compared to the standard modeling with a homogenous Poisson process.
Based on joint works with Yannick Bessy-Roland, Alexandre Boumezoued, Anthony Réveillac and Mathieu Rosenbaum.