MATHEMATICAL ASSESSMENT OF CYBERSECURITY RISKS IN THE DIGITAL ECONOMY
Abstract
The rapid expansion of digital financial services creates both economic opportunity and systemic cybersecurity vulnerability. Quantifying the relationship between cyber-attack frequency, associated economic losses, and protective investment remains an open challenge in the literature. This paper introduces a straightforward mathematical framework — combining a loss function, an exponential risk-reduction model, and a return-on-security-investment (ROSI) formula — to measure and optimise cybersecurity spending in a digital economy context. The model is calibrated using empirical data from Uzbekistan's banking sector (2018–2023). Results show that a one-unit increase in the Cybersecurity Readiness Score (CRS) reduces expected annual losses by USD 3.4 million on average, and that the optimal security budget allocation lies between 8 % and 11 % of total IT expenditure. The framework offers financial institutions and regulators a transparent, data-grounded tool for evidence-based cybersecurity policy decisions.