42 résultats
pour « cybersecurity »
"... there is a risk that the EU’s Network and Information Systems Directive (‘NIS Directive’) might lead to only incremental improvements in the cybersecurity of Europe’s critical infrastructure and digital services, while generating substantial compliance activity, aimed at placating regulators and reassuring the general public."
"We apply Weick’s (1995) sensemaking framework to examine four foundational tensions of cyber-resilience: a definitional tension, an environmental tension, an internal tension, and a regulatory tension. We then document how these tensions are embedded in cyber-resilience practices at the preparatory, response and adaptive stages. We rely on qualitative data from a sample of 58 cybersecurity professionals in the financial sector..."
"Our evidence also implies that client firms that share the same audit office as breached firms increase their disclosure of cybersecurity risk and their demand for cybersecurity human capital. Reconciling with the Bayesian learning theory, these effects only manifest for auditors located in states that have been only sporadically exposed to data breaches."
"Social engineering is a very common type of malicious activity conducted on cyberspace that targets both individuals and companies in order to gain access to information or systems. It is part of the broader domain of cybersecurity and the first step to mitigate this type of attack is to know its attack vectors. This way, the risk of becoming a victim of this type of attack can be reduced by technical means, proper security culture and procedural solutions..."
"Organizations closest to full adoption are those under the prudential regulation (coercive forces), whereas efficiency motives and mimetic forces drive organizations to seek fluidity by ‘blending’ the segregated lines to ensure fast reactions to changing environment."
"... businesses have basic cybersecurity responsibilities and fundamental duties to operate securely in a digital society."
"There appears a gap in cyber risk modeling between engineering and insurance literature. This paper presents a novel model to capture these unique dynamics of cyber risk known from engineering and to model loss distributions based on industry loss data and a particular company's cybersecurity profile. The analysis leads to a new tool for allocating resources of the company between cybersecurity investments and loss-absorbing reserves."
"Likelihood and impact are variables that are stressed when characterizing risks, evolving as an organization increases scalability and network infrastructure. Effective security risk management preparation relies severely on initiative-taking and adversarial mindsets."
"We show how to use Schelling’s focal points together with Kahneman & Tversky’s reference points and related concepts from behavioural economics to complement technical innovations and improve threat detection and deterrence."
"Cyber attacks can impair banks operations and precipitate bank runs. When digital infrastructure is shared, banks defend themselves by investing in cybersecurity but can free-ride on the security measures of others. Ex ante free-riding by banks interacts with the ex post coordination frictions underpinning bank runs."