A Decision Model on Optimising Cybersecurity Controls Using Organisation Preferences

Optimizing cybersecurity involves understanding it as an organizational concern with varying stakeholder perspectives. Instead of viewing it as a standalone issue, decision-makers should align security measures with business goals. This paper proposes a model considering organizational priorities, translating them into a utility function for evaluating security controls, and finding an optimal balance between risk, cost, and benefit.

Cyber Harm Model and Harm‑Based Risk Assessment: A Conceptual Framework

The article advocates for a shift in cyber risk assessment from a threat-centric to a harm-centric approach. Current models often neglect qualitative and cascading impacts of cyber incidents. The proposed Cyber Harm Model (CHM) aims to address this gap, providing a comprehensive framework for assessing and mitigating harm, using empirical data from Critical Information Infrastructures.

Modelling of Large Fire Insurance Claims: An Extreme Value Theory Approach

This research develops a mathematical model using Extreme Value Theory and Risk Measures to estimate and forecast major fire insurance claims, enhancing insurers' understanding of potential risks. Utilizing a three-parameter Generalized Pareto Distribution in the Extreme Value Theory framework, the study effectively models large losses, aiding in risk management and pricing strategies for insurance firms.

The role of prudential regulation and supervision of insurers in sustainable finance

The insurance sector's role in sustainable finance, especially in the green transition, relies on balancing sustainability goals with prudential concerns like risk management under Solvency II. Emphasizing the importance of the Own Risk and Solvency Assessment (ORSA), the sector aims to align investments with policyholder interests while addressing sustainability risks. Efforts continue to integrate sustainability into regulatory frameworks, balancing risk management with support for the sustainability transition.

Verifiable Uncertainty

Date : Tags : , , , ,
The concept proposes verifiable uncertainty akin to classical lotteries, suggesting it as a fundamental way to comprehend uncertainty. Rules are outlined for contrasting general events with verifiable lottery-like situations. Decision-making involves evaluating verifiable uncertainty differently from unverifiable uncertainty, allowing distinct attitudes and conservative handling of the latter. This approach forms a more solid theoretical basis for decision-making.

Privacy Impact Assessments

Date : Tags : , , ,
Privacy, a misunderstood concept in today's digital era, lacks a clear definition. People increasingly share personal data without fully understanding privacy policies. Studies show minimal engagement with these policies: only 9% always read them, while 36% never do. Mastery of impact and risk assessments is crucial for establishing robust privacy standards and maturity.

General Purpose AI Systems in the AI Act: Trying to Fit a Square Peg Into a Round Hole

The AI Act, initially overlooking multifunctional AI like foundation models, led to debates. Industry sought exemption, civil groups pushed for inclusion, foreseeing safety gaps and burdens on users. "General Purpose AI systems" (GPAIS) emerged in discussions, aiming to extend Act requirements to adaptable models, addressing operator responsibility. Current debate focuses on adapting the Act to cover these advanced AI, revealing its initial limitations. The paper will delve into this evolution, highlighting challenges and proposing policy adjustments for GPAIS regulation within the AI Act's framework.

Cyber Risk and Bank Fragility

"Using a novel firm-level measure of cybersecurity, we find that cybersecurity risk increases the probability of bank default. The effect is larger for banks with deposit withdrawal, but less pronounced for banks with liquidity buffer. Our results are robust to using an instrumental variable approach and to using alternative measures. "

A multistate approach to disability insurance reserving with information delays

A new model for disability insurance tackles delays in claims by evolving in real-time. Unlike traditional methods, it adjusts reserves based on immediate information. By proposing modified reserves and estimators, it addresses delays effectively, demonstrated with real data, offering practical solutions for disability insurance schemes.