Regulation of Cyber Risk in the Banking Sector: A Canadian Case Study

The current #canadian regime, which draws on the #basel #operationalrisk framework, is not equipped to handle the unique challenges of #cyberrisk. Cyber incidents differ from traditional operational disruptions in terms of their dynamism and impact, and traditional risk-based #supervision is not suitable for the rapidly changing cyber profile of #regulated #financialinstitutions. Lire

Is Accumulation Risk In Cyber Systematically Underestimated?

“The purpose of this article is to highlight the importance of taking a holistic approach to cyber. In particular, we argue that actuarial modelling should not be viewed stand-alone, but rather as an integral part of an interconnected value chain with other processes such as cyber-risk assessment and cyber-claims settlement.” Lire

Cyber Risk: Hyperconnectivity and the Political Economy of Uncertainty

“This paper explores the notion of ‘cyber risk’, asking how we might understand it through a sociotechnical lens. It pays specific attention to how we can theorise cyber risk as an assemblage of sociotechnical ‘riskscapes’, in which our understanding of risk goes beyond organisational imperatives of ‘risk management’ and into treating cyber risk as a set of productive knowledges and practices within a […]

Cyber Security and Insurance

“Companies and law firms must have adequate insurance coverage to fill gaps and to meet company insurance objectives.” Lire

Do Auditors Consider Cybersecurity Insurance in Pricing Audits?

“We conclude that the purchase of cyber insurance is indicative of an overall higher risk profile, but that having that insurance after experiencing a breach and formalizing cyber risk oversight within the audit committee reduces auditors’ perceptions of risk.” “… in a world where algorithmic opacity has become a strategic tool for firms to escape accountability, regulators in the EU, […]

Global Bank Cyber Risk Coordination a Positive for Risk Mitigation

“Cybersecurity risk has been a growing “non-financial” risk for banks over the years, but there is a very real and growing financial impact from cyber incidents. Cyber attacks regarding sensitive client data can lead to ransom losses, lost revenue, operational interruptions, increased counter-party and reputational risks and customer attrition. Additional costs include data restoration, investigation […]

Cyber Risk Frequency, Severity and Insurance Viability

“…  two core unresolved questions. First, what factors are the most significant covariates that may explain the frequency and severity of cyber loss events and are they heterogeneous over cyber risk categories? Second, is cyber risk insurable in regards to the required premiums, risk pool sizes and how would this decision vary with the insured […]