With the rise of digitalization, the presence of cyber risk has increased tremendously. Due to scarcity and poor data quality on past cyber losses, the application of accurate methods is crucial for cyber risk quantification. In this thesis, we focus on extreme value theory methods to model the severity of cyber incidents, especially data breaches. In particular, we study a modified version of the peaks-over-threshold method, which aims to increase accuracy by taking into account different risk factors. First, we consider an advanced regression method, the generalized additive model, for the estimation of the parameters of the generalized Pareto distribution depending on risk factors. Then we study regression trees, a machine learning tool, which serves the same purpose. In conclusion, we apply both methods to a publicly available database and compare our results to a standard peaks-over-threshold method     «

With the rise of digitalization, the presence of cyber risk has increased tremendously. Due to scarcity and poor data quality on past cyber losses, the application of accurate methods is crucial for cyber risk quantification. In this thesis, we focus on extreme value theory methods to model the severity of cyber incidents, especially data breaches. In particular, we study a modified version of the peaks-over-threshold method, which aims to increase accuracy by taking into account different risk...     »