94 results
for "Digital resilience"
The EU aims to foster digital transformation across sectors by 2030 through legislation on AI, cloud computing, and crypto-assets. However, compared to ESG, banking regulation lacks a clear framework for managing digital risks and supervisory assessment. This paper discusses digital innovation in banking, proposing a risk-based Pillar 2 prudential framework and harmonized Pillar 3 disclosures to address this gap.
Cyber risk presents significant challenges to society, yet its statistical behavior remains insufficiently understood. This paper analyzes three databases to study cyber risk dynamics. It identifies increasing frequency and severity, particularly in malicious events since 2018. Persistent heavy-tailedness across risk categories implies lower insurance demand and potentially heightened risk levels for firms.
“The financial impact of cybercrime paints a concerning picture. According to the FBI's Internet Crime Complaint Center (IC3), cybercrime complaints in 2023 reached record highs, with reported losses exceeding $10 billion (IC3, 2023). Furthermore, IBM's 2023 Cost of a Data Breach Report estimates the average global cost of a data breach to be a staggering $4.5 million (IBM, 2023). These statistics highlight the immense financial burden cybercrime places on individuals, organizations, and governments.”
“... this article provides anchorage to scholarly audiences when scrutinizing the extent to which privacy and security measures qualify as ‘appropriate’ in the context of liability claims and actions for damages, thereby creating an opportunity to move from technical insight to legal compliance.”
“... management forecasts in response to cyber risk convey more positive information for longer horizons but exhibit lower precision and accuracy.”
The challenge for cyber insurers lies in the scarcity of data, hindering risk assessment and product development. Organizations fear sharing information due to the risk of further attacks. Balancing transparency with discretion is crucial. With better data sharing, insurers can offer tailored products, assess risks accurately, and enhance corporate compliance.
The objective of this paper is to compare the most common available risk quantification models: Fault Tree Analysis, Failure Mode and Effects Analysis, and the FAIR (Factor Analysis of Information Risk) model.
“The analysis reveals that boards are ineffective in cybersecurity risk oversight due to a lack of IT knowledge, and cybersecurity expertise is largely absent at the board level.”
"... This review conducts a comprehensive literature review delving into recent ransomware attacks to analyze key aspects, including the targeted organizations, attack vectors, threat actors, propagation mechanisms, and the resulting business impact… this study provides valuable insights emphasizing the importance of proactive defenses to mitigate the risks posed by this growing threat."
Managing cyber risk in the supply chain is a major challenge in cybersecurity. Organizations struggle to evaluate suppliers' security postures, while suppliers face challenges in communicating these postures. This study, using interviews and surveys, formulates a process theory for supplier cyber risk assessment, highlighting the importance of secure technology. The findings provide actionable insights for improving supply chain cyber risk management.