Modeling the effect of spending on cyber security by using surplus process

Modeling the effect of spending on cyber security by using surplus process

In this paper, we assume the security level of a system is a quantifiable metric and apply the insurance company ruin theory in assessing the defense failure frequencies. The current security level of an information system can be viewed as the initial insurer surplus; defense investment can be viewe...

Full description

Saved in:
Bibliographic Details
Main Authors: Nie, Ciyu, Li, Jingchao, Wang, Shaun
Other Authors: Nanyang Business School
Format: Article
Language:English
Published: 2020
Subjects:
Engineering::Mathematics and analysis
Budget Control
Insurance
Online Access:https://hdl.handle.net/10356/145254
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-145254
record_format dspace
spelling sg-ntu-dr.10356-1452542023-05-19T07:31:18Z Modeling the effect of spending on cyber security by using surplus process Nie, Ciyu Li, Jingchao Wang, Shaun Nanyang Business School Engineering::Mathematics and analysis Budget Control Insurance In this paper, we assume the security level of a system is a quantifiable metric and apply the insurance company ruin theory in assessing the defense failure frequencies. The current security level of an information system can be viewed as the initial insurer surplus; defense investment can be viewed as premium income resulting in an increase in the security level; cyberattack arrivals follow a Poisson process, and the impact of attacks is modeled as losses on the security level. The occurrence of cyber breach is modeled as a ruin event. We use this framework to determine optimal investment in cyber security that minimizes the total cyber costs. We show by numerical examples that there is an optimal allocation of total cyber security budget to (1) IT security maintenance/upkeep spending versus (2) external cyber risk transfer. Published version 2020-12-16T02:06:23Z 2020-12-16T02:06:23Z 2020 Journal Article Nie, C., Li, J., & Wang, S. (2020). Modeling the effect of spending on cyber security by using surplus process. Mathematical Problems in Engineering, 2020, 3239591-. doi:10.1155/2020/3239591 1024-123X https://hdl.handle.net/10356/145254 10.1155/2020/3239591 2020 en Mathematical Problems in Engineering © 2020 Ciyu Nie et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Engineering::Mathematics and analysis
Budget Control
Insurance
spellingShingle Engineering::Mathematics and analysis
Budget Control
Insurance
Nie, Ciyu
Li, Jingchao
Wang, Shaun
Modeling the effect of spending on cyber security by using surplus process
description In this paper, we assume the security level of a system is a quantifiable metric and apply the insurance company ruin theory in assessing the defense failure frequencies. The current security level of an information system can be viewed as the initial insurer surplus; defense investment can be viewed as premium income resulting in an increase in the security level; cyberattack arrivals follow a Poisson process, and the impact of attacks is modeled as losses on the security level. The occurrence of cyber breach is modeled as a ruin event. We use this framework to determine optimal investment in cyber security that minimizes the total cyber costs. We show by numerical examples that there is an optimal allocation of total cyber security budget to (1) IT security maintenance/upkeep spending versus (2) external cyber risk transfer.
author2 Nanyang Business School
author_facet Nanyang Business School
Nie, Ciyu
Li, Jingchao
Wang, Shaun
format Article
author Nie, Ciyu
Li, Jingchao
Wang, Shaun
author_sort Nie, Ciyu
title Modeling the effect of spending on cyber security by using surplus process
title_short Modeling the effect of spending on cyber security by using surplus process
title_full Modeling the effect of spending on cyber security by using surplus process
title_fullStr Modeling the effect of spending on cyber security by using surplus process
title_full_unstemmed Modeling the effect of spending on cyber security by using surplus process
title_sort modeling the effect of spending on cyber security by using surplus process
publishDate 2020
url https://hdl.handle.net/10356/145254
_version_ 1772826665883271168

Similar Items