In this paper, we provide (i) a rigorous general theory to elicit conditions on (tail-dependent) heavy-tailed cyber-risk distributions under which a risk management firm might find it (non)sustainable to provide aggregate cyber-risk coverage services for smart societies, and (ii)a real-data driven numerical study to validate claims made in theory assuming boundedly rational cyber-risk managers, alongside providing ideas to boost markets that aggregate dependent cyber-risks with heavy-tails.To the best of our knowledge, this is the only complete general theory till date on the feasibility of aggregate cyber-risk management.
翻译:在本文中,我们提供了(一) 严格的一般理论,以引出关于(依赖尾端的)重尾网络风险分布的条件,风险管理公司可能认为(无法持续)向智能社会提供综合网络风险覆盖服务,(二) 由真实数据驱动的数字研究,以核实理论上提出的主张,假设有绝对合理的网络风险管理者,同时提供想法,推动市场,使依赖性网络风险总量达到重尾。 据我们所知,这是迄今为止关于综合网络风险管理可行性的唯一完整的总体理论。