Modeling the risk of data breach incidents at the firm level

Kazuki Ikegami, Hiroaki Kikuchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Many firms and organizations are at risk of cyberattack nowadays. For example, in 2018 alone, 443 data breaches in Japan compromised some 5.61 million records of personal information. To respond to this threat, firms asset a risk of cybersecurity and introduce IT security management practices. However, it is unclear whether firms are able to identifying the tradeoff between effect of development of IT security practices and the risk of data breach. To address this, we propose a probabilistic model that estimates the risk of a data breach for a given firm using the Japan Network Security Association incident dataset, being a historical collection of cyber incidents from 2005 to 2018. This model yields the conditional probabilities of a data breach given conditions, which follows a negative binomial distribution. We highlight the difference in inter-arrival time between firms with security management and one without it. Based on the experimental results, we evaluate effects of security management and discuss some reasons for these differences.

Original languageEnglish
Title of host publicationInnovative Mobile and Internet Services in Ubiquitous Computing - Proceedings of the 14th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2020
EditorsLeonard Barolli, Aneta Poniszewska-Maranda, Hyunhee Park
PublisherSpringer
Pages135-148
Number of pages14
ISBN (Print)9783030503987
DOIs
Publication statusPublished - 2021
Event14th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2020 - Lodz, Poland
Duration: 1 Jul 20203 Jul 2020

Publication series

NameAdvances in Intelligent Systems and Computing
Volume1195 AISC
ISSN (Print)2194-5357
ISSN (Electronic)2194-5365

Conference

Conference14th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2020
CountryPoland
CityLodz
Period1/07/203/07/20

Fingerprint Dive into the research topics of 'Modeling the risk of data breach incidents at the firm level'. Together they form a unique fingerprint.

  • Cite this

    Ikegami, K., & Kikuchi, H. (2021). Modeling the risk of data breach incidents at the firm level. In L. Barolli, A. Poniszewska-Maranda, & H. Park (Eds.), Innovative Mobile and Internet Services in Ubiquitous Computing - Proceedings of the 14th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2020 (pp. 135-148). (Advances in Intelligent Systems and Computing; Vol. 1195 AISC). Springer. https://doi.org/10.1007/978-3-030-50399-4_14