Publications
[1] Lopez, O., Picard, F. Cyber-assurance : nouveaux modèles pour quantifier l’impact économique des risques numériques (Revue d'économie financière, 2019).
Abstract: New risks arise from the digital transformation. With the increase of cyber threats, insurance contracts appear as fundamental tools to improve the resilience of society. While the cyber insurance market is expanding, quantification of the economic impact of this risk is still blurred. It requires sophisticated stochastic models - to capture the complexity of the involved phenomena and their high volatility, for example the accumulation risk - while taking the weakness of available data into account. In this article, we emphasize the difficulties to collecte accurate data, and the impact of behavior of the agents on risk evaluation. We also mention potential methodological paths to overcome these issues.
https://www.cairn.info/revue-d-economie-financiere-2019-3-page-245.htm
[2] Bessy-Roland Y., Boumezoued A., Hillairet C., Multivariate Hawkes process for Cyber Risk Insurance. (Annals of Actuarial Science, 2021)
Abstract: Among the several features of cyber-attacks one wants to reproduce, those related to the memory of events and self-exciting behavior is of major importance, as it underlies the clustering and auto-correlation of times of cyber-attacks. In this paper, we propose a multivariate Hawkes framework for modelling and predicting cyber- attacks frequency. The inference is based on a public dataset containing features of data-breaches targeting the US industry. As a main output of this paper, we demonstrate the supremacy of Hawkes models over Poisson models. We also develop a penalized inference procedure to capture the relevant interactions between different classes of attacks, and detail prediction results providing the full distribution of future cyber-attacks times of occurrence. In addition we shows that a non-instantaneous excitation, which is not the classical framework of the exponential kernel, better fit with our data. In an insurance framework, this study allows to determine quantiles for an internal model as well as the frequency component for a data breach guarantee.
https://hal.archives-ouvertes.fr/hal-02546343
[3] Farkas, S., Lopez, O., Thomas, M., Cyber claims analysis through Generalized Pareto Regression Trees with applications to insurance pricing and reserving. (Insurance: Mathematics and Economics, 2021)
Abstract: In this paper we propose a methodology to analyze the heterogeneity of cyber claims databases. This heterogeneity is caused by the evolution of the risk but also by the evolution in the quality of data and of sources of information through time. We consider a public database, already studied by Eling and Loperfido (2017), which is considered as a benchmark for cyber events analysis. Using regression trees, we investigate the heterogeneity of the reported cyber claims. A particular attention is devoted to the tail of the distribution, using a Generalized Pareto likelihood as splitting criterion in the regression trees. Combining this analysis with a model for the frequency of the claims, we develop a simple pricing model for cyber insurance.
https://hal.archives-ouvertes.fr/hal-02118080
[4] Farkas, S., Lopez, O., Thomas, M., Tree-based methods for cyber claims analysis (Insurance Data Analytics: some case studies of advanced algorithms and applications”, Chapter 3 p. 75-92 Ed. Economica, 2020)
Abstract: Cyber-insurance is an expanding market, but risk evaluation is hard due to the heterogeneity of cyber claims in terms of severity. In this paper, we show that a good understanding of this heterogeneity may contribute to the insurability of the risk, or at least of most cyber events. A special focus on heterogeneity analysis through the regression tree procedure introduced by Farkas et al. (2019). A simulation study investigate the stability of the method.
[5] Hillairet, C. and Lopez, O. Propagation of cyber incidents in an insurance portfolio: counting processes combined with compartmental epidemiological models, (Scandinavian Actuarial Journal, 2021).
Abstract: Modeling the accumulation risk in an insurance portfolio We develop stochastic models to determine the impact of a massive cyber attack on an insurance portfolio. The model is based on the classical SIR framework (Susceptible - Infected - Recovered) of epidemiological models. We provide a general framework to quantify the impact on the portfolio of such an event. The nal proportion of victims is the result of a competition between the contagion process and the "vaccination" process. We thus calibrate response policies for the insurance company (such as prevention and reaction time to the attack). We also consider the possibility of a "collapse" of the response system. Indeed, numerous cyber policies do not only include nancial reparation, but assistance to the policyholders, however the insurance company has a limited capacity of response to the incident. The capacity of the response team can be overload if the number of policyholders to be assisted becomes too large. This incapacity of the insurance company to intervene appropriately in a short amount of time may induce additional losses ( nancial penalties, loss of reputation, but also increased damages for the policyholders, left alone with no assistance). We provide sharp bounds for the probability that such a collapse of the response system to occur. We illustrate the theory by numerics calibrated on a Wannacry-type scenario.
https://hal.archives-ouvertes.fr/hal-02564462
[6] Béra, M. and Lopez, O. Crise du Covid-19: la crise de l’anticipation? La nécessaire modélisation des risques (Conflits, 2021).
Abstract: This article deals with the uncertainty of models, and the comparison between the crisis of Covid-19 and potential cyber pandemics.
[7] Lopez, O. L’assurance cyber : un jeu où l’information doit être partagée (InCyber, 2021).
https://incyber.fr/lassurance-cyber-jeu-information-doit-etre-partagee/
[8] Lopez, O. Accumulation, dependences and extreme scenario building: preconditions for cyber risk insurability (AXA Research Fund, in "Building cyber resilience", 2021).
https://incyber.fr/lassurance-cyber-jeu-information-doit-etre-partagee/
[9] Lopez, O., Thomas, M. Comprendre les risques extrêmes (L'Actuariel, 2021).
Abstract: L’étude des risques extrêmes est l’un des problèmes statistiques les plus complexes. La constitution de classes de risques caractérisées par leur queue de distribution, via des techniques de machine learning, est un champ prometteur pour la gestion des risques.
https://www.lactuariel.fr/metier/technique/comprendre-les-risques-extremes/
[10] Hillairet, C., Lopez, O. Cyber-assurance : enjeux, modélisations et leviers de mutualisation (Opinion et débats, 2022).
[11] Hillairet, C., Lopez, O., d'Oultremont L. and Spoorenberg, B. Cyber-contagion model with network structure applied to insurance. Insurance: Mathematics and Economics 107 (2022) 88--101
Abstract: In this paper, we provide a model that aims to describe the impact of a massive cyber attack on an insurance portfolio, taking into account the structure of the network. Due to the contagion, such an event can rapidly generate consequent damages, and mutualization of the losses may not hold anymore. The composition of the portfolio should therefore be diversified enough to prevent or reduce the impact of such events, with the difficulty that the relationships between actor is difficult to assess. Our approach consists in introducing a multi-group epidemiological model which, apart from its ability to describe the intensity of connections between actors, can be calibrated from a relatively small amount of data, and through fast numerical procedures. We show how this model can be used to generate reasonable scenarios of cyber events, and investigate the response to different types of attacks or behavior of the actors, allowing to quantify the benefit of an efficient prevention policy.
https://hal.archives-ouvertes.fr/hal-03388840v1
[12] Hillairet, C., Réveillac, A, and Rosenbaum, M. An expansion formula for Hawkes processes and application to cyber-insurance derivatives (Under Revision, 2021).
Abstract: We provide an expansion formula for the valuation of reinsurance contracts (such that Stop-Loss contracts) whose payoff depends on a cumulative loss indexed by a Hawkes process. This methodology can be applied to cyber-insurance contracts, as the times of occurrence of cyber-claims exhibit self-exciting behavior. The expansion formula involves the addition of jumps at deterministic times to the Hawkes process in the spirit of the well-known integration by parts formula for Poisson functional. From the actuarial point of view, these processes can be seen as ”stressed” scenarios. Our expansion formula for Hawkes processes enables us to provide lower and upper bounds on the premium (or the risk evaluation) of such contracts.
https://tel.archives-ouvertes.fr/CREST/hal-03189601v1
[13] Farkas, S., Heranval, A., Lopez, O., Thomas, M. Generalized Pareto Regression Trees for extreme events analysis (Submitted, 2021).
Abstract: In this paper, we provide finite sample results to assess the consistency of Generalized Pareto regression trees, as tools to perform extreme value regression. The results that we provide are obtained from concentration inequalities, and are valid for a finite sample size, taking into account a misspecification bias that arises from the use of a "Peaks over Threshold" approach. The properties that we derive also legitimate the pruning strategies (i.e. the model selection rules) used to select a proper tree that achieves compromise between bias and variance. The methodology is illustrated through a simulation study, and a real data application.
https://hal.archives-ouvertes.fr/hal-03486564
[14] Hillairet, C., Huang L., Khabou M., Réveillac A. Malliavin-Stein methods for Hawkes functionals, ALEA, Lat. Am. J. Probab. Math. Stat. 19, 1293--1328, 2022
Abstract: In this paper, following Nourdin-Peccati's methodology, we combine the Malliavin calculus and Stein's method to provide general bounds on the Wasserstein distance between functionals of a compound Hawkes process and a given Gaussian density. To achieve this, we rely on the Poisson embedding representation of an Hawkes process to provide a Malliavin calculus for the Hawkes processes, and more generally for compound Hawkes processes. As an application, we close a gap in the literature by providing the first Berry-Esséen bounds associated to Central Limit Theorems for the compound Hawkes process.
https://hal.archives-ouvertes.fr/hal-03189614/
[15] Hillairet, C., Lopez, O. Building Cyber Resilience: Threats, Enablers and Anticipation, AXA Research Fund prespective, (2021)
[16] Hillairet, C., Lopez, O. Construction of massive cyber-attacks scenarios : impact of the network structure and protection measures Publication in Capco, Journal of Financial Transformation (2022).
[16] Lopez, O., Thomas, M. Parametric insurance for extreme risks: the challenge to properly cover severe claims (Submitted, 2022).
Abstract: Recently, parametric insurance has emerged as a convenient way to cover risks that may be difficult to evaluate. Through the introduction of a parameter that triggers compensation and allows the insurer to determine a payment without evaluating the true loss, these products simplify the compensation process, and provide easily tractable indicators to perform risk management. On the other hand, this parameter may sometimes deviate from its purpose, and may not always correctly represent the basis risk. In this paper, we provide theoretical results that investigate the behavior of parametric insurance products when they are confronted to large claims. These results, in particular, measure the difference between the true loss and the parameter in a generic situation, with a particular focus on heavy-tailed losses. Simulation studies that complete the analysis show the importance of nonlinear dependence measures to ensure a good protection over the whole distribution.
https://hal.sorbonne-universite.fr/hal-03524677
[17] Farkas, S., Lopez, O. Semiparametric copula models applied to the decomposition of claim amounts (Submitted, 2022).
Abstract: In this paper, we develop a conditional copula model to analyze the distribution of a claim that generates different types of costs and/or simultaneously impact several guarantees. Our methodology is adapted to taking into account the particular structure of our data, since observations are subject to right-censoring. Right-censoring occurs since payment of a claim is not made instantaneously, and therefore unsettled claims only provide a partial information on the phenomenon that one wishes to model. The new methodology that we develop is supported by theoretical results that show the asymptotic normality of our estimators. A simulation study and a real data analysis illustrate the method.
[18] Lopez, O., Thomas, M. Identification of a network structure in a portfolio with application in cyber insurance (Submitted, 2022).
Abstract: We consider an insurance portfolio, where classes of policyholders are linked through a network structure which is unknown. The identification of the network structure is done through the introduction of an instrumental variable which reflects this topology. The model can then be used to design diversification strategies to ensure that the portfolio can resist to "contagious" events that may spread from one class of policyholders to another. An application in cyber insurance is considered.
[19] Hillairet, C., Réveillac A On the chaotic expansion for counting processes (Submitted, 2022).
Abstract: We introduce and study an alternative form of the chaotic expansion for counting processes using the Poisson imbedding representation; we name this alternative form "pseudo-chaotic expansion". As an application, we prove that the coefficients of this pseudo-chaotic expansion for any linear Hawkes process are obtained in closed form, whereas those of the usual chaotic expansion cannot be derived explicitly. Finally, we study further the structure of linear Hawkes processes by constructing an example of a process in a pseudo-chaotic form that satisfies the stochastic self-exciting intensity equation which determines a Hawkes process (in particular its expectation equals the one of a Hawkes process) but which fails to be a counting process.