Details

Rainer Böhme (University of Innsbruck)
Quantifying Cyber Risk
WIFO Research Seminar, Österreichisches Institut für Wirtschaftsforschung, Wien, 31.05.2021 13:30
Organised by: Austrian Institute of Economic Research
Online since: 17.05.2021 0:00
Research question(s): How much harm results from cyber incidents? − Which security interventions effectively reduce harm? − Have these answers changed over time? • Approach: Systematization of the empirical literature in several disciplines • Data: Stock markets, financial disclosures, insurance claims, news reports (breach disclosures), technical measurements, survey responses • Main result(s): Studies disagree on the harm resulting from cyber incidents − Omitted variables and sampling biases cast doubt on many results − Indicators of exposure explain more variance than indicators of preventive security − Very little is known about systemic cyber risk Policy implication(s): The market can handle individual cyber losses, but externalities creating systemic cyber risk require policy attention. Statistical institutes should extend the collection of cyber risk indicators on a representative basis.
Research group:No Research Group affiliation
Language:English