PriMera Scientific Engineering (ISSN: 2834-2550)

Research Article

Volume 7 Issue 2

Integrating Artificial Intelligence with Cyber Threat Intelligence to Predict Financial Exposure in Data-Driven Enterprises

Gloria Nwachukwu Ogochukwu*, Ekufu Chukwuemeka Henry, Valentina Palama and Edidiong Elijah Akpan

July 29, 2025

Abstract

As global reliance on digital infrastructure intensifies, the financial ramifications of cybersecurity incidents have become a critical concern for organizations worldwide. Quantifying and predicting these financial losses is essential for effective risk management, yet it remains a significant analytical challenge. This study addresses this problem by analyzing a decade of global cybersecurity threat data (2015-2024) to model the financial impact of cyber attacks, evaluate the predictive power of various machine learning models, and identify underlying incident archetypes. Employing a multi-stage methodology, the research began with an exploratory data analysis, followed by a comparative evaluation of four regression models: Linear Regression, Random Forest, Gradient Boosting, and Support Vector Regression. Feature importance was extracted from the models, and K-Means clustering was used to derive a data-driven taxonomy of incidents. The study reveals a persistent and costly threat landscape with no significant decrease in resolution times over the decade. A crucial insight emerged from the predictive modeling: a simple Linear Regression model showed weak but positive predictive power. In contrast, more complex non-linear models failed, producing negative R² scores and indicating a propensity to overfit. The most significant predictors of financial loss were identified as the “Number of Affected Users” and “Incident Resolution Time.” Finally, the clustering analysis successfully segmented incidents into distinct archetypes, such as “Mass Data Breach” and “High-Stakes Targeted Attack.” This research concludes that noisy, linear relationships govern the financial ramifications of cyber attacks and underscores the principle of model parsimony, providing a quantitative framework for understanding cyber risk and the primary factors that mitigate financial damage.

Keywords: Cybersecurity; Risk Management; Predictive Modeling; Machine Learning; Regression Analysis; Financial Loss Prediction; Data Breach; Threat Intelligence; K-Means Clustering; Random Forest
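The abstract's contrast between a weakly positive R² for Linear Regression and negative R² for the more complex models can be reproduced on a small scale. The following is an added example, not the authors' code or dataset: the incident data, coefficients and noise level are constructed, and a 1-nearest-neighbour regressor is used as a hypothetical stand-in for an overfitting non-linear model (the study itself used Random Forest, Gradient Boosting and Support Vector Regression).

```python
import random

def r2(y_true, y_pred):
    """Coefficient of determination; negative when worse than predicting the mean."""
    mean = sum(y_true) / len(y_true)
    ss_res = sum((t - p) ** 2 for t, p in zip(y_true, y_pred))
    ss_tot = sum((t - mean) ** 2 for t in y_true)
    return 1.0 - ss_res / ss_tot

def make_incidents(n, rng):
    """Constructed data: loss = weak linear signal in affected users + heavy noise."""
    users = [rng.uniform(0.0, 1.0) for _ in range(n)]  # scaled "affected users"
    loss = [50.0 + 20.0 * u + rng.gauss(0.0, 12.0) for u in users]
    return users, loss

def fit_linear(x, y):
    """Ordinary least squares with one predictor; returns a predict function."""
    mx, my = sum(x) / len(x), sum(y) / len(y)
    slope = sum((a - mx) * (b - my) for a, b in zip(x, y)) / sum((a - mx) ** 2 for a in x)
    return lambda q: my + slope * (q - mx)

def fit_1nn(x, y):
    """1-nearest-neighbour: memorises the training set, noise included."""
    pairs = list(zip(x, y))
    return lambda q: min(pairs, key=lambda p: abs(p[0] - q))[1]

def compare(seed=7, n_train=400, n_test=400):
    """Fit both models on one sample and score them on a fresh held-out sample."""
    rng = random.Random(seed)
    x_tr, y_tr = make_incidents(n_train, rng)
    x_te, y_te = make_incidents(n_test, rng)
    out = {}
    for name, fit in (("linear", fit_linear), ("1nn", fit_1nn)):
        model = fit(x_tr, y_tr)
        out[name] = {
            "train_r2": r2(y_tr, [model(v) for v in x_tr]),
            "test_r2": r2(y_te, [model(v) for v in x_te]),
        }
    return out

if __name__ == "__main__":
    for name, scores in compare().items():
        print(name, {k: round(v, 3) for k, v in scores.items()})
```

The memorising model scores a perfect R² on the training incidents and a negative one on held-out incidents, because it reproduces the noise of its nearest neighbour; the linear fit keeps a small positive held-out R² that reflects the weak underlying signal.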
