81 résultats
pour « Résilience numérique »
The current global #dataprivacy situation resembles the accountability crisis during the early 2000s US accounting scandals. Lack of oversight, #transparency, and #regulation has led to confusion and distrust. By emulating successful models like the Sarbanes-Oxley Act, companies can regain consumer trust by treating privacy policies like #financialstatements, standardized and audited. The proposal includes #privacy #controls similar to financial internal controls and a Privacy Cube framework for #riskmanagement, ultimately aiming to rebuild #consumertrust in #data handling.
The study analyzes how #cybersecurityrisk impacts #clawback policy adoption in #us listed firms from 2008-2018. It finds that rising cybersecurity risk increases clawback adoption, influenced by business goals, management preferences, and market efficiency. Stronger tech commitment and non-co-opted boards reduce this effect, showing firms consider clawbacks as preventive against #misconduct, incorporating cybersecurity risk.
On July 26, 2023, the #sec adopted final rules requiring disclosure of material #cybersecurity incidents on Form 8-K and periodic disclosure of a registrant’s cybersecurity #riskmanagement, strategy, and #governance in #annualreports.
"This paper presents a continuous-time dynamic model of market adoption of #cybersecurity. Individuals choose whether and when to make a precautionary investment in self-protection against the evolving security #risk of direct attack and indirect contagion. The equilibrium adoption path has a ``tipping point'': individual users will invest to get protected all at once when a critical mass of the infected has been reached."
This paper examines the impact of #databreach #disclosure laws (DBDL) on companies' voluntary #financial disclosure behaviors. The authors use a difference-in-differences analysis to show that firms have a higher propensity of disclosing non-#gaap earnings after the adoption of DBDL, suggesting that such mandatory disclosure #regulation on #cybersecurity stimulates firms' voluntary disclosure of non-GAAP earnings.
This paper analyzes the constraints on the #insuranceindustry in providing larger capacity for #cyberrisk #insurance. The authors argue that cyber risk is unique in that it is both information-intensive to underwrite and heavy-tailed, leading to a tension between the need to raise large amounts of external capital to finance heavy-tailed risks and the high compensation demanded by capital providers due to information frictions.
This paper analyzes the characteristics of #cyber #loss #events and how they evolve over time. The authors use three large databases to address the problem of #report #delay and analyze the #frequency and #severity of different categories of #cyberevents . They find that the frequency of malicious cyber events has grown exponentially in the past two decades, but there is no significant change in loss severity.
While previous research has focused on #cyberrisk #riskmitigation measures, this study describes the emergence of various real-world cyber #risktransfer products in the last decade, including #warranties, #cloudcomputing partnerships, #parametricinsurance, #reinsurance, and #cyber #catbonds.
We provide a #cyberrisk definition and classification scheme for #riskmanagement purposes, to be used as a data collection template for #financialinstitutions.
"This paper employs #computational #linguistics to introduce a novel text-based measure of firm-level #cyberrisk exposure based on quarterly earnings conference calls of listed firms. Our quarterly measures are available for more than 13,000 firms from 85 countries over 2002-2021. ... The geography of cyber risk exposure is well approximated by a gravity model extended with cross-border portfolio flows. Back-of-the-envelope calculations suggest that the global #cost of cyber risk is over $200 billion per year."