Cyber risk assessment for capital management
Wing Fung Chong, Runhuan Feng, Hins Hu and Linfeng Zhang
Journal of Risk & Insurance, 2025, vol. 92, issue 2, 424-471
Abstract:
This paper introduces a two‐pillar cyber risk management framework to address the pervasive challenges in managing cyber risk. The first pillar, cyber risk assessment, combines insurance frequency‐severity models with cybersecurity cascade models to capture the unique nature of cyber risk. The second pillar, cyber capital management, facilitates informed allocation of capital for a balanced cyber risk management strategy, including cybersecurity investments, insurance coverage, and reserves. A case study, based on historical cyber incident data and realistic assumptions, demonstrates the necessity of comprehensive cost–benefit analysis for budget‐constrained companies with competing objectives in cyber risk management. In addition, sensitivity analysis highlights the dependence of the optimal strategy on factors such as the price of cybersecurity controls and their effectiveness. The framework's implementation across a diverse range of companies yields general insights on cyber risk management.
Date: 2025
Downloads: https://doi.org/10.1111/jori.12504
Persistent link: https://EconPapers.repec.org/RePEc:bla:jrinsu:v:92:y:2025:i:2:p:424-471
Ordering information: This journal article can be ordered from
http://www.wiley.com/bw/subs.asp?ref=0022-4367
Journal of Risk & Insurance is currently edited by Joan T. Schmit
More articles in Journal of Risk & Insurance from The American Risk and Insurance Association Contact information at EDIRC.
Bibliographic data for series maintained by Wiley Content Delivery.