Cyber risk definition and classification for financial risk management

IF 0.4 4区 经济学 Q4 BUSINESS, FINANCE Journal of Operational Risk Pub Date : 2023-01-01 DOI:10.21314/jop.2022.036
Filippo Curti, Jeffrey R. Gerlach, Sophia Kazinnik, Michael Lee, Atanas Mihov
{"title":"Cyber risk definition and classification for financial risk management","authors":"Filippo Curti, Jeffrey R. Gerlach, Sophia Kazinnik, Michael Lee, Atanas Mihov","doi":"10.21314/jop.2022.036","DOIUrl":null,"url":null,"abstract":": Cyber risk is undeniably one of the most critical emerging risks to the financial industry. However, even though cyber risk is recognized as a significant threat to financial institutions and, more generally, to financial stability, the quantification and analysis of cyber risk has not yet matured to the point where it can be consistently measured and managed against corporate risk appetites. This impedes efforts to effectively measure and manage such risk, diminishing institutions’ individual and collective readiness to handle system-level cyber threats. This paper aims to address this gap by providing a preliminary cyber risk definition and classification of cyber risk for risk management purposes. As such, the proposed definition and classification would ensure that adopting institutions are utilizing common language and allowing consistent data collection and sharing. We provide a deeper dive into the reasoning behind the variables we propose to collect and demonstrate how some of the existing cybersecurity events map into our proposed scheme.","PeriodicalId":54030,"journal":{"name":"Journal of Operational Risk","volume":"195 1","pages":""},"PeriodicalIF":0.4000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Operational Risk","FirstCategoryId":"96","ListUrlMain":"https://doi.org/10.21314/jop.2022.036","RegionNum":4,"RegionCategory":"经济学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}
引用次数: 6

Abstract

: Cyber risk is undeniably one of the most critical emerging risks to the financial industry. However, even though cyber risk is recognized as a significant threat to financial institutions and, more generally, to financial stability, the quantification and analysis of cyber risk has not yet matured to the point where it can be consistently measured and managed against corporate risk appetites. This impedes efforts to effectively measure and manage such risk, diminishing institutions’ individual and collective readiness to handle system-level cyber threats. This paper aims to address this gap by providing a preliminary cyber risk definition and classification of cyber risk for risk management purposes. As such, the proposed definition and classification would ensure that adopting institutions are utilizing common language and allowing consistent data collection and sharing. We provide a deeper dive into the reasoning behind the variables we propose to collect and demonstrate how some of the existing cybersecurity events map into our proposed scheme.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
金融风险管理中的网络风险定义与分类
网络风险无疑是金融行业面临的最关键的新兴风险之一。然而,尽管网络风险被认为是对金融机构的重大威胁,更广泛地说,是对金融稳定的重大威胁,但网络风险的量化和分析尚未成熟到可以根据企业的风险偏好对其进行持续衡量和管理的程度。这阻碍了有效衡量和管理此类风险的努力,降低了机构应对系统级网络威胁的个人和集体准备程度。本文旨在通过为风险管理目的提供初步的网络风险定义和网络风险分类来解决这一差距。因此,拟议的定义和分类将确保采用机构使用共同语言,并允许一致的数据收集和共享。我们将更深入地探讨我们建议收集的变量背后的原因,并演示一些现有的网络安全事件如何映射到我们建议的方案中。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Operational Risk
Journal of Operational Risk BUSINESS, FINANCE-
CiteScore
1.00
自引率
40.00%
发文量
6
期刊介绍: In December 2017, the Basel Committee published the final version of its standardized measurement approach (SMA) methodology, which will replace the approaches set out in Basel II (ie, the simpler standardized approaches and advanced measurement approach (AMA) that allowed use of internal models) from January 1, 2022. Independently of the Basel III rules, in order to manage and mitigate risks, they still need to be measurable by anyone. The operational risk industry needs to keep that in mind. While the purpose of the now defunct AMA was to find out the level of regulatory capital to protect a firm against operational risks, we still can – and should – use models to estimate operational risk economic capital. Without these, the task of managing and mitigating capital would be incredibly difficult. These internal models are now unshackled from regulatory requirements and can be optimized for managing the daily risks to which financial institutions are exposed. In addition, operational risk models can and should be used for stress tests and Comprehensive Capital Analysis and Review (CCAR). The Journal of Operational Risk also welcomes papers on nonfinancial risks as well as topics including, but not limited to, the following. The modeling and management of operational risk. Recent advances in techniques used to model operational risk, eg, copulas, correlation, aggregate loss distributions, Bayesian methods and extreme value theory. The pricing and hedging of operational risk and/or any risk transfer techniques. Data modeling external loss data, business control factors and scenario analysis. Models used to aggregate different types of data. Causal models that link key risk indicators and macroeconomic factors to operational losses. Regulatory issues, such as Basel II or any other local regulatory issue. Enterprise risk management. Cyber risk. Big data.
期刊最新文献
A risk-based internal audit methodology for Greek local government organizations Integrating text mining and analytic hierarchy process risk assessment with knowledge graphs for operational risk analysis Operational risk and regulatory capital: do public and private banks differ? Cyber risk definition and classification for financial risk management Audit committee characteristics and the audit report lag in Greece
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1