 A practical road map for assessing cyber riskZeinab Amin Journal of Risk Research, 2019, vol. 22, issue 1, 32-43 Abstract: The increase in interconnectivity and developments in technology have caused cyber security to become a universal concern. This paper highlights the dangers of the evolution of cyber risk, the challenges of quantifying the impact of cyber-attacks and the feasibility of the traditional actuarial methodologies for quantifying cyber losses. In this paper, we present a practical roadmap for assessing cyber risk, a roadmap that emphasizes the importance of developing a company and culture-specific risk and resilience model. We develop a structure for a Bayesian network to model the financial loss as a function of the key drivers of risk and resilience. We use qualitative scorecard assessment to determine the level of cyber risk exposure and evaluate the effectiveness of resilience efforts in the organization. We highlight the importance of capitalizing on the knowledge of experts within the organization and discuss methods for aggregating multiple assessments. From an enterprise risk management perspective, impact on value should be the primary concern of managers. This paper uses a value-centric/reputational approach to risk management rather than a regulatory/capital-centric approach to risk. Date: 2019 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:taf:jriskr:v:22:y:2019:i:1:p:32-43 Ordering information: This journal article can be ordered from DOI: 10.1080/13669877.2017.1351467 Access Statistics for this article Journal of Risk Research is currently edited by Bryan MacGregor More articles in Journal of Risk Research from Taylor & Francis Journals |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.