/

Nematrian Reference Library

[this page | back links]

Set out below is information (held by the Nematrian website) on the reference you have selected


ReferenceTitleLink
Egan, R., Cartagena, S., Mohamed, R., Gosrani, V., Grewal, J., Acharyya, M., Dee, A., Bajaj, R., Jaeger, V-J., Katz, D., Meghen, P., Silley, M., Nasser-Probert, S., Pikinska, J., Rubin, R. and Ang, K. (2018)Cyber operational risk scenarios for insurance companieshere

Abstract

"Cyber risk is routinely cited as one of the most important sources of operational risks facing organisations today, in various publications and surveys (Hubmann 2018) (Osborn 2018). Further, in recent years, cyber risk has entered the public conscience through highly publicised events involving affected UK organisations such as TalkTalk, Morrisons and the NHS. Regulators and legislators are increasing their focus on this topic, with General Data Protection Regulation (“GDPR”) a notable example of this.
Risk actuaries and other risk management professionals at insurance companies therefore need to have a robust assessment of the potential losses stemming from cyber risk that their organisations may face. They should be able to do this as part of an overall risk management framework and be able to demonstrate this to stakeholders such as regulators and shareholders.
Given that cyber risks are still very much new territory for insurers and there is no commonly accepted practice, this paper describes a proposed framework in which to perform such an assessment. As part of this, we leverage two existing frameworks - the Chief Risk Officer (“CRO”) Forum cyber incident taxonomy, and the National Institute of Standards and Technology (“NIST”) framework – to describe the taxonomy of a cyber incident, and the relevant cyber security and risk mitigation items for the incident in question, respectively."


See here to choose a new Category/Sub-Category or here for a list of all references held by the Nematrian website. Please contact us if any of the above material is inaccurate or if there are references you think should be included that we have excluded or vice-versa.
Desktop view | Switch to Mobile