105 résultats
pour « Résilience numérique »
Amid growing cyber threats, research on cyber insurance risk has been limited by data constraints. This paper addresses this gap by utilizing overlooked public data from U.S. state Attorneys General, offering insights into the actual scope of cyber insurance risk. The data, derived from mandatory data breach reporting, provides valuable information for pricing, reserving, underwriting, and experience monitoring in the cyber insurance industry.
The increasing complexity of data protection laws, rising compliance costs, and evolving cyber threats make data security a vital business concern.
#regulators recently issued #cybersecurity #disclosure guidelines to enhance #transparency and #accountability among firms. A study analyzed cybersecurity disclosure practices among a sample of Toronto Stock Exchange firms over seven years. Findings indicate a notable increase in disclosure after 2017 guidance by #canadian Securities Administrators. However, improvements are needed, especially in #governance and #riskmitigation disclosure. This study sheds light on policy's impact on cybersecurity transparency.
#cybersecurity goes beyond networks and people, encompassing #physicalsecurity crucial for organizations. Inadequate physical security, seen in incidents like the Oklahoma City bombing, 9/11 attacks, and U.S. Capitol breach, highlight policy and control failures. Effective physical security involves planning, #riskassessment, #controls, and frameworks like #cpted, #nist, and #fema, addressing present and future #threats.
The current global #dataprivacy situation resembles the accountability crisis during the early 2000s US accounting scandals. Lack of oversight, #transparency, and #regulation has led to confusion and distrust. By emulating successful models like the Sarbanes-Oxley Act, companies can regain consumer trust by treating privacy policies like #financialstatements, standardized and audited. The proposal includes #privacy #controls similar to financial internal controls and a Privacy Cube framework for #riskmanagement, ultimately aiming to rebuild #consumertrust in #data handling.
The study analyzes how #cybersecurityrisk impacts #clawback policy adoption in #us listed firms from 2008-2018. It finds that rising cybersecurity risk increases clawback adoption, influenced by business goals, management preferences, and market efficiency. Stronger tech commitment and non-co-opted boards reduce this effect, showing firms consider clawbacks as preventive against #misconduct, incorporating cybersecurity risk.
On July 26, 2023, the #sec adopted final rules requiring disclosure of material #cybersecurity incidents on Form 8-K and periodic disclosure of a registrant’s cybersecurity #riskmanagement, strategy, and #governance in #annualreports.
"This paper presents a continuous-time dynamic model of market adoption of #cybersecurity. Individuals choose whether and when to make a precautionary investment in self-protection against the evolving security #risk of direct attack and indirect contagion. The equilibrium adoption path has a ``tipping point'': individual users will invest to get protected all at once when a critical mass of the infected has been reached."
This paper examines the impact of #databreach #disclosure laws (DBDL) on companies' voluntary #financial disclosure behaviors. The authors use a difference-in-differences analysis to show that firms have a higher propensity of disclosing non-#gaap earnings after the adoption of DBDL, suggesting that such mandatory disclosure #regulation on #cybersecurity stimulates firms' voluntary disclosure of non-GAAP earnings.
This paper analyzes the constraints on the #insuranceindustry in providing larger capacity for #cyberrisk #insurance. The authors argue that cyber risk is unique in that it is both information-intensive to underwrite and heavy-tailed, leading to a tension between the need to raise large amounts of external capital to finance heavy-tailed risks and the high compensation demanded by capital providers due to information frictions.