Rainer Böhme (Universität Innsbruck)
Quantifying Cyber Risk
WIFO Research Seminar, 31.05.2021 13:30
Online via GoToMeeting – Working Paper: https://informationsecurity.uibk.ac.at/pdfs/WB2020_sok_cyberrisk_snp.pdf – Video der Präsentation: https://youtu.be/XTCWkgkhZHU
Veranstalter: Österreichisches Institut für Wirtschaftsforschung
Online seit: 17.05.2021 0:00
Research question(s): How much harm results from cyber incidents? − Which security interventions effectively reduce harm? − Have these answers changed over time? • Approach: Systematization of the empirical literature in several disciplines • Data: Stock markets, financial disclosures, insurance claims, news reports (breach disclosures), technical measurements, survey responses • Main result(s): Studies disagree on the harm resulting from cyber incidents − Omitted variables and sampling biases cast doubt on many results − Indicators of exposure explain more variance than indicators of preventive security − Very little is known about systemic cyber risk Policy implication(s): The market can handle individual cyber losses, but externalities creating systemic cyber risk require policy attention. Statistical institutes should extend the collection of cyber risk indicators on a representative basis.
Forschungsbereich:Ohne Forschungsbereichszuordnung
Sprache:Englisch