Cyber Risk: Estimates for Malicious and Negligent Breaches Distributions

Cyber risk is a fast-growing area of interest and companies have to include it in their risk management framework. Modelling frequency and severity of cyber incidents is a crucial step in actuarial valuations related to cyber insurance, a way of transferring part of the residual cyber risk to a third party. In the last years, data breaches seem to be the main cause of cyber incidents. Aim of this paper is to give further insights about frequency and severity statistical distributions, by analyzing the Chronology of Data Breaches provided by the Privacy Rights Clearinghouse.