Journal of Operational Risk
ISSN:
1744-6740 (print)
1755-2710 (online)
Editor-in-chief: Marcelo Cruz
Need to know
- The objective of this paper is to analyse cyber risk from an operational risk perspective and to measure cyber risk empirically.
- Using a novel data set on cyber attacks, we analyse the main characteristics of cyber attacks and identify patterns using correspondence analysis.
- The results emphasize the need to improve the modelling of cyber risk from an operational risk perspective.
Abstract
Cyber risk has emerged as a key threat to financial institutions. The objective of this paper is to analyze cyber risk from an operational risk perspective and to measure cyber risk empirically. Using a novel data set on cyber attacks, we analyze the main characteristics of cyber attacks and identify patterns using correspondence analysis. We apply the loss distribution approach to the data set and show that the distribution of losses due to cyber risk has a heavy tail and is best modeled by a generalized Pareto distribution. We derive risk measures under different scenarios and show that the estimated losses are substantially larger than the size of the cyber-insurance market. Our results emphasize the need to improve the modeling of cyber risk from an operational risk perspective.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
