81 results
for “Digital resilience”
“... this article provides anchorage to scholarly audiences when scrutinizing the extent to which privacy and security measures qualify as ‘appropriate’ in the context of liability claims and actions for damages, thereby creating an opportunity to move from technical insight to legal compliance.”
“... management forecasts in response to cyber risk convey more positive information for longer horizons but exhibit lower precision and accuracy.”
The challenge for cyber insurers lies in the scarcity of data, hindering risk assessment and product development. Organizations fear sharing information due to the risk of further attacks. Balancing transparency with discretion is crucial. With better data sharing, insurers can offer tailored products, assess risks accurately, and enhance corporate compliance.
The objective of this paper is to compare the most common available risk quantification models: Fault Tree Analysis, Failure Mode Effective Analysis, and the FAIR (Factor Analysis of Information Risk) model.
“The analysis reveals that boards are ineffective in cybersecurity risk oversight due to a lack of IT knowledge, and cybersecurity expertise is largely absent at the board level.”
“... This review conducts a comprehensive literature review delving into recent ransomware attacks to analyze key aspects, including the targeted organizations, attack vectors, threat actors, propagation mechanisms, and the resulting business impact… this study provides valuable insights emphasizing the importance of proactive defenses to mitigate the risks posed by this growing threat.”
Managing cyber risk in the supply chain is a major challenge in cybersecurity. Organizations struggle to evaluate suppliers' security postures, while suppliers face challenges in communicating these postures. This study, using interviews and surveys, formulates a process theory for supplier cyber risk assessment, highlighting the importance of secure technology. The findings provide actionable insights for improving supply chain cyber risk management.
Optimizing cybersecurity involves understanding it as an organizational concern with varying stakeholder perspectives. Instead of viewing it as a standalone issue, decision-makers should align security measures with business goals. This paper proposes a model considering organizational priorities, translating them into a utility function for evaluating security controls, and finding an optimal balance between risk, cost, and benefit.
“… the report underscores the critical role of emerging governance, risk, and compliance frameworks in ensuring organizations remain adaptive and resilient in the face of ever-evolving cyber threats. In an era where digital risks are continuously evolving...”
The article advocates for a shift in cyber risk assessment from a threat-centric to a harm-centric approach. Current models often neglect qualitative and cascading impacts of cyber incidents. The proposed Cyber Harm Model (CHM) aims to address this gap, providing a comprehensive framework for assessing and mitigating harm, using empirical data from Critical Information Infrastructures.