105 résultats pour « Résilience numérique »

Cyber Insurance Risk: Reporting Delays, ThirdParty Cyber Events, and Changes in Reporting Propensity

Amid growing cyber threats, research on cyber insurance risk has been limited by data constraints. This paper addresses this gap by utilizing overlooked public data from U.S. state Attorneys General, offering insights into the actual scope of cyber insurance risk. The data, derived from mandatory data breach reporting, provides valuable information for pricing, reserving, underwriting, and experience monitoring in the cyber insurance industry.

Evolution of Cybersecurity Disclosure

#regulators recently issued #cybersecurity #disclosure guidelines to enhance #transparency and #accountability among firms. A study analyzed cybersecurity disclosure practices among a sample of Toronto Stock Exchange firms over seven years. Findings indicate a notable increase in disclosure after 2017 guidance by #canadian Securities Administrators. However, improvements are needed, especially in #governance and #riskmitigation disclosure. This study sheds light on policy's impact on cybersecurity transparency.

Physical Security Breaches, Threats, and Controls

#cybersecurity goes beyond networks and people, encompassing #physicalsecurity crucial for organizations. Inadequate physical security, seen in incidents like the Oklahoma City bombing, 9/11 attacks, and U.S. Capitol breach, highlight policy and control failures. Effective physical security involves planning, #riskassessment, #controls, and frameworks like #cpted, #nist, and #fema, addressing present and future #threats.

Learning From the Past: Applying Concepts of the S&O Act to Restore Consumer Trust

The current global #dataprivacy situation resembles the accountability crisis during the early 2000s US accounting scandals. Lack of oversight, #transparency, and #regulation has led to confusion and distrust. By emulating successful models like the Sarbanes-Oxley Act, companies can regain consumer trust by treating privacy policies like #financialstatements, standardized and audited. The proposal includes #privacy #controls similar to financial internal controls and a Privacy Cube framework for #riskmanagement, ultimately aiming to rebuild #consumertrust in #data handling.

Better Prevention Than Cure: Cybersecurity Risk and Clawback Provision

The study analyzes how #cybersecurityrisk impacts #clawback policy adoption in #us listed firms from 2008-2018. It finds that rising cybersecurity risk increases clawback adoption, influenced by business goals, management preferences, and market efficiency. Stronger tech commitment and non-co-opted boards reduce this effect, showing firms consider clawbacks as preventive against #misconduct, incorporating cybersecurity risk.

Market Adoption of Cybersecurity: A Dynamic Analysis

Date : Tags : , , ,
"This paper presents a continuous-time dynamic model of market adoption of #cybersecurity. Individuals choose whether and when to make a precautionary investment in self-protection against the evolving security #risk of direct attack and indirect contagion. The equilibrium adoption path has a ``tipping point'': individual users will invest to get protected all at once when a critical mass of the infected has been reached."

Cybersecurity Disclosure Regulations and Non‑GAAP Earnings: Evidence from Data Breach Disclosure Law

This paper examines the impact of #databreach #disclosure laws (DBDL) on companies' voluntary #financial disclosure behaviors. The authors use a difference-in-differences analysis to show that firms have a higher propensity of disclosing non-#gaap earnings after the adoption of DBDL, suggesting that such mandatory disclosure #regulation on #cybersecurity stimulates firms' voluntary disclosure of non-GAAP earnings.

The Supply of Cyber Risk Insurance

This paper analyzes the constraints on the #insuranceindustry in providing larger capacity for #cyberrisk #insurance. The authors argue that cyber risk is unique in that it is both information-intensive to underwrite and heavy-tailed, leading to a tension between the need to raise large amounts of external capital to finance heavy-tailed risks and the high compensation demanded by capital providers due to information frictions.