IDEAS home Printed from https://ideas.repec.org/a/taf/jriskr/v22y2019i1p32-43.html
   My bibliography  Save this article

A practical road map for assessing cyber risk

Author

Listed:
  • Zeinab Amin

Abstract

The increase in interconnectivity and developments in technology have caused cyber security to become a universal concern. This paper highlights the dangers of the evolution of cyber risk, the challenges of quantifying the impact of cyber-attacks and the feasibility of the traditional actuarial methodologies for quantifying cyber losses. In this paper, we present a practical roadmap for assessing cyber risk, a roadmap that emphasizes the importance of developing a company and culture-specific risk and resilience model. We develop a structure for a Bayesian network to model the financial loss as a function of the key drivers of risk and resilience. We use qualitative scorecard assessment to determine the level of cyber risk exposure and evaluate the effectiveness of resilience efforts in the organization. We highlight the importance of capitalizing on the knowledge of experts within the organization and discuss methods for aggregating multiple assessments. From an enterprise risk management perspective, impact on value should be the primary concern of managers. This paper uses a value-centric/reputational approach to risk management rather than a regulatory/capital-centric approach to risk.

Suggested Citation

  • Zeinab Amin, 2019. "A practical road map for assessing cyber risk," Journal of Risk Research, Taylor & Francis Journals, vol. 22(1), pages 32-43, January.
  • Handle: RePEc:taf:jriskr:v:22:y:2019:i:1:p:32-43
    DOI: 10.1080/13669877.2017.1351467
    as

    Download full text from publisher

    File URL: http://hdl.handle.net/10.1080/13669877.2017.1351467
    Download Restriction: Access to full text is restricted to subscribers.

    File URL: https://libkey.io/10.1080/13669877.2017.1351467?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Dirk Wrede & Tino Stegen & Johann-Matthias Schulenburg, 2020. "Affirmative and silent cyber coverage in traditional insurance policies: Qualitative content analysis of selected insurance products from the German insurance market," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 657-689, October.
    2. Davide Settembre-Blundo & Rocío González-Sánchez & Sonia Medina-Salgado & Fernando E. García-Muiña, 2021. "Flexibility and Resilience in Corporate Decision Making: A New Sustainability-Based Risk Management System in Uncertain Times," Global Journal of Flexible Systems Management, Springer;Global Institute of Flexible Systems Management, vol. 22(2), pages 107-132, December.
    3. Najat Shakir Mahmood & Elsadig Musa Ahmed, 2023. "Mediating effect of risk management practices in Iraqi private banks financial performance," Journal of Financial Services Marketing, Palgrave Macmillan, vol. 28(2), pages 358-377, June.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:taf:jriskr:v:22:y:2019:i:1:p:32-43. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Longhurst (email available below). General contact details of provider: http://www.tandfonline.com/RJRR20 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.