Dynamic cyber risk estimation with Competitive Quantile Autoregression
This work addresses cyber risk estimation for enterprises, offering incremental improvements in flexibility and dynamic updating over existing techniques.
The authors tackled the problem of dynamic cyber risk estimation by proposing two methods for modeling Value-at-Risk (VaR) in time-series data, including a novel Competitive Quantile Autoregression (CQAR) that dynamically updates risk estimates and provides a theoretical guarantee of asymptotic performance comparable to any QAR method.
The increasing value of data held in enterprises makes it an attractive target to attackers. The increasing likelihood and impact of a cyber attack have highlighted the importance of effective cyber risk estimation. We propose two methods for modelling Value-at-Risk (VaR) which can be used for any time-series data. The first approach is based on Quantile Autoregression (QAR), which can estimate VaR for different quantiles, i.e. confidence levels. The second method, we term Competitive Quantile Autoregression (CQAR), dynamically re-estimates cyber risk as soon as new data becomes available. This method provides a theoretical guarantee that it asymptotically performs as well as any QAR at any time point in the future. We show that these methods can predict the size and inter-arrival time of cyber hacking breaches by running coverage tests. The proposed approaches allow to model a separate stochastic process for each significance level and therefore provide more flexibility compared to previously proposed techniques. We provide a fully reproducible code used for conducting the experiments.