41 résultats pour « cybersecurity »

The Tensions of Cyber‑Resilience: From Sensemaking to Practice

"We apply Weick’s (1995) sensemaking framework to examine four foundational tensions of cyber-resilience: a definitional tension, an environmental tension, an internal tension, and a regulatory tension. We then document how these tensions are embedded in cyber-resilience practices at the preparatory, response and adaptive stages. We rely on qualitative data from a sample of 58 cybersecurity professionals in the financial sector..."

Auditors’ Response to Cybersecurity Risk: Human Capital Investment and Cross‑Client Influence

Date : Tags : , , , , ,
"Our evidence also implies that client firms that share the same audit office as breached firms increase their disclosure of cybersecurity risk and their demand for cybersecurity human capital. Reconciling with the Bayesian learning theory, these effects only manifest for auditors located in states that have been only sporadically exposed to data breaches."

A Mathematical Model for Risk Assessment of Social Engineering Attacks

"Social engineering is a very common type of malicious activity conducted on cyberspace that targets both individuals and companies in order to gain access to information or systems. It is part of the broader domain of cybersecurity and the first step to mitigate this type of attack is to know its attack vectors. This way, the risk of becoming a victim of this type of attack can be reduced by technical means, proper security culture and procedural solutions..."

Cyber Risk Assessment for Capital Management

"There appears a gap in cyber risk modeling between engineering and insurance literature. This paper presents a novel model to capture these unique dynamics of cyber risk known from engineering and to model loss distributions based on industry loss data and a particular company's cybersecurity profile. The analysis leads to a new tool for allocating resources of the company between cybersecurity investments and loss-absorbing reserves."