• PDF / 854,594 Bytes
• 31 Pages / 439.37 x 666.142 pts Page_size
• 107 Downloads / 184 Views

DOWNLOAD

REPORT

Cyber risk research in business and actuarial science Martin Eling1  Received: 11 August 2020 / Revised: 26 September 2020 / Accepted: 30 September 2020 / Published online: 14 October 2020 © EAJ Association 2020

Abstract We review the academic literature on “cyber risk” and “cyber insurance” in the fields of business (management, economics, finance, risk management and insurance) and actuarial science. Our results show that cyber risk is an increasingly important research topic in many disciplines, but one that so far has received little attention in business and actuarial science. Business research has documented the manifold detrimental effects of cyber risks using event studies and scenario analyses, while economic research is especially concerned with trade-offs between different risk management activities. Quantitative research including papers published in actuarial journals mainly focuses on loss modelling, especially taking dependencies and network structure into account. We categorize the empirical literature on cyber risk to filter out what we know on the frequency, severity and dependence structure of cyber risk. Finally, we list open research questions which demonstrate that cyber risk research is still in its infancy and that there is ample room for future research. Keywords  Cyber risk · Cyber insurance · Event studies · Dependence modelling · Network modelling

1 Cyber risk research in business and actuarial science 1.1 Motivation Cyber risks are operational risks to information and technology assets that have consequences for the confidentiality, availability, and integrity of information and information systems (Cebula and Young [16]). Despite its increasing relevance for businesses and society, research on cyber risk remains very limited. Some papers have been published in the computer science domain, but little research has been done in the fields of business and actuarial science. Existing articles emphasize the lack of data and modelling challenges (e.g., Maillart and Sornette [54]; Biener et al. * Martin Eling [email protected] 1



University of St. Gallen, St. Gallen, Switzerland

13

Vol.:(0123456789)

304 M. Eling

[10]), the complexity and dependent risk structure (e.g., Hofmann and Ramaj [44]), and adverse selection and moral hazard problems (e.g., Gordon et  al. [40]). More applied research is concerned with the potentially huge losses from worst-case scenarios such as the breakdown of critical infrastructure (e.g., World Economic Forum [82]; Lloyd’s [52]; Long Finance [35]). The literature thus highlights challenges in the risk management and insurability of cyber risks. The intention of this paper is to review the academic literature on “cyber risk” and “cyber insurance” in the fields of business (i.e. journals in the field of management, economics, finance, risk management and insurance) and actuarial science. The results document that cyber risk is an increasingly important research topic in many disciplines,1 but still has received scant attention in the business and actuari

Recommend Documents

Modern Actuarial Risk Theory

217 30 24MB

Cyber Risk and Cyber Risk Insurance: Status Quo and Future Research

153 14 75KB

Modern Actuarial Risk Theory Using R

203 39 3MB

Cyber-Risk Management

429 106 2MB

Bayesian Statistics in Actuarial Science with Emphasis on Credibilit

154 91 15MB

Toward Cyber-Physical-Social Science

159 105 9MB

Disaster Risk Science: A Geographical Perspective and a Research Framework

205 63 911KB

Risk, Uncertainty, and Business Creation

166 87 54MB

Research in Data Science

214 11 14MB

Emergence in cyber-physical systems: potential and risk

179 85 314KB

Pioneers in Entrepreneurship and Small Business Research

193 61 18KB

Research Methods in International Business

229 16 6MB