 Improving data for managing cyber risk and building resilienceBryson Alexander, Filippo Curti, Jeffrey Gerlach and Stacey Schreft Abstract: Gaps in the data available for assessing cyber risk have limited the development of metrics that would help the public and private sectors prevent and recover from cyber attacks and reduce systemic risk. Cyber incident disclosure rules, introduced to close the data gaps, help but fall short in supporting the effective management of cyber risk. This paper examines the current and proposed reporting requirements, especially in the financial sector, where they are the most prevalent. It describes the data gaps that remain and discusses how moving toward a better and harmonized cyber incident data collection rule could improve cybersecurity, reduce the risk of catastrophic cyber incidents and reduce the regulatory burden on companies that currently must report cyber data to multiple agencies. References: Add references at CitEc Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:rsk:journ3:7962911 Access Statistics for this article More articles in Journal of Operational Risk from Journal of Operational Risk |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.