Correcting for Reporting Delays in Cyber Incidents
Seema Sangari, Eric Dallal
TL;DR
This paper introduces an algorithm that models reporting delays in cyber incidents to provide more accurate incident rate estimates, revealing recent increases in cyber events that reporting data alone may underestimate.
Contribution
The paper presents a novel method for modeling reporting delays in cyber incident data, improving the accuracy of incident rate estimation in the cyber insurance industry.
Findings
Reported cyber incident counts underestimate recent incident rates.
The correction reveals an increase in cyber events in recent months.
The model effectively adjusts for reporting delays.
Abstract
With an ever evolving cyber domain, delays in reporting incidents are a well-known problem in the cyber insurance industry. Addressing this problem is a requisite to obtaining the true picture of cyber incident rates and to model it appropriately. The proposed algorithm addresses this problem by creating a model of the distribution of reporting delays and using the model to correct reported incident counts to account for the expected proportion of incidents that have occurred but not yet been reported. In particular, this correction shows an increase in the number of cyber events in recent months rather than the decline suggested by reported counts.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Network Security and Intrusion Detection · Software Reliability and Analysis Research