Published online by Cambridge University Press: 03 February 2022
Potentialdata breach losses represent a significant part of operational risk and can be a serious concern for risk managers and insurers. In this paper, we employ the vine copulas under a Bayesian framework to co-model incidences from different data breach types. A full Bayesian approach can allow one to select both the copulas and margins and estimate their parameters in a coherent fashion. In particular, it can incorporate process, parameter, and model uncertainties, and this is very important for applications in risk management under current regulations. We also conduct a series of sensitivity tests on the Bayesian modelling results. Using two public data sets of data breach losses, we find that the overall dependency structure and tail dependence vary significantly between different types of data breaches. The optimally selected vine structure and pairwise copulas suggest more conservative value-at-risk estimates when compared to the other suboptimal copula models.