Cyber risk management: History and future research directions
Author
Abstract
Suggested Citation
DOI: 10.1111/rmir.12169
Download full text from publisher
References listed on IDEAS
- Michael McShane, 2018. "Enterprise risk management: history and a design science proposal," Journal of Risk Finance, Emerald Group Publishing Limited, vol. 19(2), pages 137-153, March.
- Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
- Martin Eling & Werner Schnell, 2016. "What do we know about cyber risk and cyber risk insurance?," Journal of Risk Finance, Emerald Group Publishing Limited, vol. 17(5), pages 474-491, November.
- Anat Hovav & John D'Arcy, 2003. "The Impact of Denial‐of‐Service Attack Announcements on the Market Value of Firms," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 6(2), pages 97-121, September.
- Simon Ashby & Trevor Buck & Stephanie Nöth-Zahn & Thomas Peisl, 2018. "Emerging IT Risks: Insights from German Banking," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 43(2), pages 180-207, April.
- James H. Lambert & Jeffrey M. Keisler & William E. Wheeler & Zachary A. Collier & Igor Linkov, 2013. "Multiscale approach to the security of hardware supply chains for energy systems," Environment Systems and Decisions, Springer, vol. 33(3), pages 326-334, September.
- Martin Eling & Werner Schnell, 2020. "Capital Requirements for Cyber Risk and Cyber Risk Insurance: An Analysis of Solvency II, the U.S. Risk-Based Capital Standards, and the Swiss Solvency Test," North American Actuarial Journal, Taylor & Francis Journals, vol. 24(3), pages 370-392, July.
- Aven, Terje, 2011. "On the new ISO guide on risk management terminology," Reliability Engineering and System Safety, Elsevier, vol. 96(7), pages 719-726.
- Lin, Zhaoxin & Sapp, Travis R.A. & Ulmer, Jackie Rees & Parsa, Rahul, 2020. "Insider trading ahead of cyber breach announcements," Journal of Financial Markets, Elsevier, vol. 50(C).
- Sherrie Cannoy & Prashant C. Palvia & Richard Schilhavy, 2006. "A Research Framework for Information Systems Security," Journal of Information Privacy and Security, Taylor & Francis Journals, vol. 2(2), pages 3-24, April.
- Spencer Wheatley & Thomas Maillart & Didier Sornette, 2016. "The extreme risk of personal data breaches and the erosion of privacy," The European Physical Journal B: Condensed Matter and Complex Systems, Springer;EDP Sciences, vol. 89(1), pages 1-12, January.
- Rafael La Porta & Florencio Lopez-de-Silanes & Andrei Shleifer & Robert W. Vishny, 1998.
"Law and Finance,"
Journal of Political Economy, University of Chicago Press, vol. 106(6), pages 1113-1155, December.
- Rafael LaPorta & Florencio Lopez-de-Silanes & Andrei Shleifer & Robert W. Vishny, "undated". "Law and Finance," Working Paper 19451, Harvard University OpenScholar.
- La Porta, Rafael & Lopez-de-Silanes, Florencio & Shleifer, Andrei & Vishny, Robert W., 1998. "Law and Finance," Scholarly Articles 3451310, Harvard University Department of Economics.
- Rafael LaPorta & Florencio Lopez de-Silanes & Andrei Shleifer & Robert W. Vishny, 1996. "Law and Finance," Harvard Institute of Economic Research Working Papers 1768, Harvard - Institute of Economic Research.
- Porta, Rafael & Lopez-de-Silanes, Florencio & Shleifer, Andrei & Vishny, Robert, 1997. "Law And Finance," Harvard Institute for International Development (HIID) Papers 294393, Harvard University, Kennedy School of Government.
- Rafael La Porta & Florencio Lopez-de-Silane & Andrei Shleifer & Robert W. Vishny, 1996. "Law and Finance," NBER Working Papers 5661, National Bureau of Economic Research, Inc.
- Omer Ilker Poyraz & Mustafa Canan & Michael McShane & C. Ariel Pinto & T. Steven Cotter, 2020. "Cyber assets at risk: monetary impact of U.S. personally identifiable information mega data breaches," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 616-638, October.
- Anil Nair & Elzotbek Rustambekov & Michael McShane & Stav Fainshmidt, 2014. "Enterprise Risk Management as a Dynamic Capability: A test of its effectiveness during a crisis," Managerial and Decision Economics, John Wiley & Sons, Ltd., vol. 35(8), pages 555-566, December.
- Soomro, Zahoor Ahmed & Shah, Mahmood Hussain & Ahmed, Javed, 2016. "Information security management needs more holistic approach: A literature review," International Journal of Information Management, Elsevier, vol. 36(2), pages 215-225.
- Bojanc, Rok & Jerman-Blažič, Borka, 2008. "An economic modelling approach to information security risk management," International Journal of Information Management, Elsevier, vol. 28(5), pages 413-422.
- J. Park & T. P. Seager & P. S. C. Rao & M. Convertino & I. Linkov, 2013. "Integrating Risk and Resilience Approaches to Catastrophe Management in Engineering Systems," Risk Analysis, John Wiley & Sons, vol. 33(3), pages 356-367, March.
- Christian Biener & Martin Eling & Jan Hendrik Wirfs, 2015.
"Insurability of Cyber Risk: An Empirical Analysis†,"
The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 40(1), pages 131-158, January.
- Biener, Christian & Eling, Martin & Wirfs, Jan Hendrik, 2015. "Insurability of Cyber Risk: An Empirical Analysis," Working Papers on Finance 1503, University of St. Gallen, School of Finance.
- Priya Garg, 2020. "Cybersecurity breaches and cash holdings: Spillover effect," Financial Management, Financial Management Association International, vol. 49(2), pages 503-519, June.
- Young, Derek & Lopez, Juan & Rice, Mason & Ramsey, Benjamin & McTasney, Robert, 2016. "A framework for incorporating insurance in critical infrastructure cyber risk strategies," International Journal of Critical Infrastructure Protection, Elsevier, vol. 14(C), pages 43-57.
- Alessandro Mazzoccoli & Maurizio Naldi, 2020. "Robustness of Optimal Investment Decisions in Mixed Insurance/Investment Cyber Risk Management," Risk Analysis, John Wiley & Sons, vol. 40(3), pages 550-564, March.
- Detmar W. Straub, 1990. "Effective IS Security: An Empirical Study," Information Systems Research, INFORMS, vol. 1(3), pages 255-276, September.
- Alexander A. Ganin & Phuoc Quach & Mahesh Panwar & Zachary A. Collier & Jeffrey M. Keisler & Dayton Marchese & Igor Linkov, 2020. "Multicriteria Decision Framework for Cybersecurity Risk Assessment and Management," Risk Analysis, John Wiley & Sons, vol. 40(1), pages 183-199, January.
- M. Martin Boyer, 2020. "Cyber insurance demand, supply, contracts and cases," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 559-563, October.
- Eling, Martin & Wirfs, Jan, 2019. "What are the actual costs of cyber risk events?," European Journal of Operational Research, Elsevier, vol. 272(3), pages 1109-1119.
- Michael McShane & Trung Nguyen, 0. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-36.
- Natalie M. Scala & Allison C. Reilly & Paul L. Goethals & Michel Cukier, 2019. "Risk and the Five Hard Problems of Cybersecurity," Risk Analysis, John Wiley & Sons, vol. 39(10), pages 2119-2126, October.
- Daniel Schatz & Rabih Bashroush, 2017. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 19(5), pages 1205-1228, October.
- Saini Das & Arunabha Mukhopadhyay & Manoj Anand, 2012. "Stock Market Response to Information Security Breach: A Study Using Firm and Attack Characteristics," Journal of Information Privacy and Security, Taylor & Francis Journals, vol. 8(4), pages 27-55, October.
- Mikhed, Vyacheslav & Vogan, Michael, 2018. "How data breaches affect consumer credit," Journal of Banking & Finance, Elsevier, vol. 88(C), pages 192-207.
- Daniel Schatz & Rabih Bashroush, 0. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 0, pages 1-24.
- Martin Eling, 2018. "Cyber Risk and Cyber Risk Insurance: Status Quo and Future Research," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 43(2), pages 175-179, April.
- Nicky J. Welton & Howard H. Z. Thom, 2015. "Value of Information," Medical Decision Making, , vol. 35(5), pages 564-566, July.
- Hulisi Öğüt & Srinivasan Raghunathan & Nirup Menon, 2011. "Cyber Security Risk Management: Public Policy Implications of Correlated Risk, Imperfect Ability to Prove Loss, and Observability of Self‐Protection," Risk Analysis, John Wiley & Sons, vol. 31(3), pages 497-512, March.
- Iyer, Subramanian R. & Simkins, Betty J. & Wang, Heng, 2020. "Cyberattacks and impact on bond valuation," Finance Research Letters, Elsevier, vol. 33(C).
- Viktoria Gisladottir & Alexander A. Ganin & Jeffrey M. Keisler & Jeremy Kepner & Igor Linkov, 2017. "Resilience of Cyber Systems with Over‐ and Underregulation," Risk Analysis, John Wiley & Sons, vol. 37(9), pages 1644-1651, September.
- Eling, Martin & Loperfido, Nicola, 2017. "Data breaches: Goodness of fit, pricing, and risk measurement," Insurance: Mathematics and Economics, Elsevier, vol. 75(C), pages 126-136.
- Spencer Wheatley & Thomas Maillart & Didier Sornette, 2016. "The extreme risk of personal data breaches and the erosion of privacy," The European Physical Journal B: Condensed Matter and Complex Systems, Springer;EDP Sciences, vol. 89(1), pages 1-12, January.
- Claire Lending & Kristina Minnick & Patrick J. Schorno, 2018. "Corporate Governance, Social Responsibility, and Data Breaches," The Financial Review, Eastern Finance Association, vol. 53(2), pages 413-455, May.
- Kevin M. Gatzlaff & Kathleen A. McCullough, 2010. "The Effect of Data Breaches on Shareholder Wealth," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 13(1), pages 61-83, March.
- Dirk Wrede & Tino Stegen & Johann-Matthias Schulenburg, 2020. "Affirmative and silent cyber coverage in traditional insurance policies: Qualitative content analysis of selected insurance products from the German insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 657-689, October.
- Zachary A. Collier & Igor Linkov & James H. Lambert, 2013. "Four domains of cybersecurity: a risk-based systems approach to cyber decisions," Environment Systems and Decisions, Springer, vol. 33(4), pages 469-470, December.
Citations
Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
Cited by:
- Erkan-Barlow, Asligul & Nguyen, Trung, 2024. "Cybersecurity and executive compensation: Can inside debt-induced risk aversion improve cyber risk management effectiveness?," International Review of Financial Analysis, Elsevier, vol. 93(C).
- Pavel V. Shevchenko & Jiwook Jang & Matteo Malavasi & Gareth W. Peters & Georgy Sofronov & Stefan Truck, 2022. "The Nature of Losses from Cyber-Related Events: Risk Categories and Business Sectors," Papers 2202.10189, arXiv.org, revised Mar 2022.
- Nadine Gatzert & Madeline Schubert, 2022. "Cyber risk management in the US banking and insurance industry: A textual and empirical analysis of determinants and value," Journal of Risk & Insurance, The American Risk and Insurance Association, vol. 89(3), pages 725-763, September.
- Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Trück & Jiwook Jang, 2023. "Cyber loss model risk translates to premium mispricing and risk sensitivity," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 372-433, April.
- Alessandro Mazzoccoli & Maurizio Naldi, 2022. "An Overview of Security Breach Probability Models," Risks, MDPI, vol. 10(11), pages 1-29, November.
- Matteo Malavasi & Gareth W. Peters & Stefan Treuck & Pavel V. Shevchenko & Jiwook Jang & Georgy Sofronov, 2024. "Cyber Risk Taxonomies: Statistical Analysis of Cybersecurity Risk Classifications," Papers 2410.05297, arXiv.org.
- Denuit, Michel & Ortega-Jimenez, Patricia & Robert, Christian Y., 2024. "No-sabotage under conditional mean risk sharing of dependent-by-mixture insurance losses," LIDAM Discussion Papers ISBA 2024019, Université catholique de Louvain, Institute of Statistics, Biostatistics and Actuarial Sciences (ISBA).
- Nguyen, Son & Shu-Ling Chen, Peggy & Du, Yuquan, 2022. "Risk assessment of maritime container shipping blockchain-integrated systems: An analysis of multi-event scenarios," Transportation Research Part E: Logistics and Transportation Review, Elsevier, vol. 163(C).
Most related items
These are the items that most often cite the same works as this one and are cited by the same works as this one.- Zängerle, Daniel & Schiereck, Dirk, 2022. "Modelling and predicting enterprise‑level cyber risks in the context of sparse data availability," Publications of Darmstadt Technical University, Institute for Business Studies (BWL) 136276, Darmstadt Technical University, Department of Business Administration, Economics and Law, Institute for Business Studies (BWL).
- Michael McShane & Trung Nguyen, 0. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-36.
- Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
- Alessandro Mazzoccoli, 2023. "Optimal Cyber Security Investment in a Mixed Risk Management Framework: Examining the Role of Cyber Insurance and Expenditure Analysis," Risks, MDPI, vol. 11(9), pages 1-14, August.
- Alessandro Mazzoccoli & Maurizio Naldi, 2022. "An Overview of Security Breach Probability Models," Risks, MDPI, vol. 10(11), pages 1-29, November.
- Angelica Marotta & Michael McShane, 2018. "Integrating a Proactive Technique Into a Holistic Cyber Risk Management Approach," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 21(3), pages 435-452, December.
- Spencer Wheatley & Annette Hofmann & Didier Sornette, 2021. "Addressing insurance of data breach cyber risks in the catastrophe framework," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 46(1), pages 53-78, January.
- Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Trück & Jiwook Jang, 2023. "Cyber loss model risk translates to premium mispricing and risk sensitivity," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 372-433, April.
- Daniel Zängerle & Dirk Schiereck, 2023. "Modelling and predicting enterprise-level cyber risks in the context of sparse data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 434-462, April.
- Farkas, Sébastien & Lopez, Olivier & Thomas, Maud, 2021. "Cyber claim analysis using Generalized Pareto regression trees with applications to insurance," Insurance: Mathematics and Economics, Elsevier, vol. 98(C), pages 92-105.
- Gareth W. Peters & Matteo Malavasi & Georgy Sofronov & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang, 2022. "Cyber Loss Model Risk Translates to Premium Mispricing and Risk Sensitivity," Papers 2202.10588, arXiv.org, revised Mar 2023.
- Eling, Martin & Jung, Kwangmin, 2018. "Copula approaches for modeling cross-sectional dependence of data breach losses," Insurance: Mathematics and Economics, Elsevier, vol. 82(C), pages 167-180.
- Kjartan Palsson & Steinn Gudmundsson & Sachin Shetty, 2020. "Analysis of the impact of cyber events for cyber insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 564-579, October.
- Md. Hamid Uddin & Md. Hakim Ali & Mohammad Kabir Hassan, 2020. "Cybersecurity hazards and financial system vulnerability: a synthesis of literature," Risk Management, Palgrave Macmillan, vol. 22(4), pages 239-309, December.
- Jevtić, Petar & Lanchier, Nicolas, 2020. "Dynamic structural percolation model of loss distribution for cyber risk of small and medium-sized enterprises for tree-based LAN topology," Insurance: Mathematics and Economics, Elsevier, vol. 91(C), pages 209-223.
- Kjartan Palsson & Steinn Gudmundsson & Sachin Shetty, 0. "Analysis of the impact of cyber events for cyber insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-16.
- Matteo Malavasi & Gareth W. Peters & Pavel V. Shevchenko & Stefan Truck & Jiwook Jang & Georgy Sofronov, 2021. "Cyber Risk Frequency, Severity and Insurance Viability," Papers 2111.03366, arXiv.org, revised Mar 2022.
- Domenico Giovanni & Arturo Leccadito & Marco Pirra, 2021. "On the determinants of data breaches: A cointegration analysis," Decisions in Economics and Finance, Springer;Associazione per la Matematica, vol. 44(1), pages 141-160, June.
- Malavasi, Matteo & Peters, Gareth W. & Shevchenko, Pavel V. & Trück, Stefan & Jang, Jiwook & Sofronov, Georgy, 2022. "Cyber risk frequency, severity and insurance viability," Insurance: Mathematics and Economics, Elsevier, vol. 106(C), pages 90-114.
- Omer Ilker Poyraz & Mustafa Canan & Michael McShane & C. Ariel Pinto & T. Steven Cotter, 2020. "Cyber assets at risk: monetary impact of U.S. personally identifiable information mega data breaches," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 616-638, October.
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bla:rmgtin:v:24:y:2021:i:1:p:93-125. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wiley Content Delivery (email available below). General contact details of provider: http://www.blackwellpublishing.com/journal.asp?ref=1098-1616 .
Please note that corrections may take a couple of weeks to filter through the various RePEc services.