Modeling reporting delays in cyber incidents: an industry-level comparison

Authors

Seema Sangari, Kennesaw State University
Eric Dallal, Cyber Solutions
Michael Whitman, Kennesaw State University

Department

School of Data Science and Analytics

Additional Department

Information Systems and Security

Document Type

Article

Publication Date

2-1-2023

Abstract

Cyber incidents often take time to be detected and even further time to be reported. Due to reporting delays, the reported proportion of recent incidents is smaller than for older incidents, resulting in the false impression of a diminishing frequency of cyber incident counts in recent years when examining databases of (publicly) reported cyber incidents. Obtaining an accurate view of the true trend therefore requires correcting for reporting delays. Complicating matters is the fact that the distribution of reporting delays differs from industry to industry. This paper investigates four distinct industries of US companies: Finance and Insurance, Educational Services, Health Care and Social Assistance, and Public Administration. This paper presents the correction for reporting delays in USA and by industry, with specific emphasis on the given industries. The research finds that there are longer reporting delays in Finance and Insurance, compared to the other three industries examined.

Journal Title

International Journal of Information Security

Journal ISSN

16155262

Volume

22

Issue

1

First Page

63

Last Page

76

Digital Object Identifier (DOI)

10.1007/s10207-022-00623-5