Since every process of the financial industry's daily operations moved into the cyberspace, the defence against the malicious software has become one of the essential pillars of the financial institutions' operational risk management. This shift has motivated companies to ponder the ways to reduce their cyber risk exposure. The solutions usually center around adopting technical defence schemes for mitigation of the destructive impacts of cyber crimes. However, the dynamic nature of cyber attacks results in serious complications in maintaining a functioning cyber security system. Consequently, companies purchase insurance products in order to reimburse the possible cyber losses. As a response to the emerging demand, modelling, pricing and marketing of cyber insurance products are becoming prominent within the insurance industry. In particular, the pricing of premiums for policyholders with different cyber defence schemes needs to be addressed in detail. The attached article investigates both of these issues by discussing the calculation of the optimal size of potential technical defence expenditures as well as looking into the approaches to pricing of cyber insurance products.
Part III: Cyber Risk Management, Security Controls and Insurance
In continuation of our discussion of cyber risk, this paper investigates the issues of cyber risk management within financial industry. In particular, we look into the process of determining the optimal size of the investments in cyber security as well as the quantification of the appropriate cyber insurance premiums.