Some Principles for Regulating Cyber Risk

Anil Kashyap and Anne Wetherilt

No 13324, CEPR Discussion Papers from C.E.P.R. Discussion Papers

Abstract: We explain why cyber risk differs from other operational risks in the financial sector. The form of cyber shocks differs because of their intent, probability of success, possibility of a hidden phase and evolving form of the risks. The impact differs because problems can spread quickly and because uncertainty over the possibility of a hidden phase can impact responses. We explain why private incentives to attend to these risks may differ from societies’ preferences and develop six (micro- and macroprudential) regulatory principles to deal with cyber risk.

Keywords: Cyber risk; Stress test; Macroprudential regulation (search for similar items in EconPapers)
JEL-codes: G18 G28 L51 O33 (search for similar items in EconPapers)
Date: 2018-11
New Economics Papers: this item is included in nep-rmg
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (4)

Downloads: (external link)
https://cepr.org/publications/DP13324 (application/pdf)
CEPR Discussion Papers are free to download for our researchers, subscribers and members. If you fall into one of these categories but have trouble downloading our papers, please contact us at subscribers@cepr.org

Related works:
Journal Article: Some Principles for Regulating Cyber Risk (2019)
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:cpr:ceprdp:13324

Ordering information: This working paper can be ordered from
https://cepr.org/publications/DP13324

Access Statistics for this paper

More papers in CEPR Discussion Papers from C.E.P.R. Discussion Papers Centre for Economic Policy Research, 33 Great Sutton Street, London EC1V 0DX.
Bibliographic data for series maintained by ().