CeFPro Connect

Header banner
CeFPro Connect Subscribe to our weekly newsletter
Article
Cyber risk, compliance and quantification
Cyber risk, compliance and quantification
government entities to protect broader economic and societal interests by seeking to address issues from the types of incidents that have previously wreaked havoc. Businesses, however, need to look at their own tailored threat landscape and assess what measures are needed that go beyond compliance. This approach is key to ensuring their continued growth in a fast-evolving world of cyber threats.Kishan: It’s easy to be compliant but harder to be more resilient to cyber threats, and there’s an intersection between those two. Compliance with regulators also means there are some levels of resilience to threats, but a significant portion isn’t. Regulations are lagging indicators of things that we already know, for example, attack vectors; we need to be ahead of the curve, especially in certain industries like the military, financial services and pharmaceuticals. think this makes our job much harder.How is quantifying cyber risk in dollar terms beneficial and challenging for a financial institution?Kishan: It’s very beneficial to compare cyber risk with other types of risks, certainly in financial services. It’s easy to quantify credit and market risks, but it’s much harder for cyber risks. The attraction and messaging make it easier if you can quantify it and put risks in dollar terms. However, there’s a real challenge in doing that because the industry frameworks, such as Factor Analysis of Information Risk (FAIR), are only as good as our inputs. Often, a level of precision isn’t there in terms of specificity. It’s a maturing landscape, but it’s a massive uphill struggle currently.scenarios instead of everyone doing it themselves and coming up short.Ria: Cyber risk quantification strategies can be immensely helpful in multiple ways. For example, they can help a company assess what realistic insurance coverage may be needed; these quantification strategies may also be crucial during a cyber crisis in helping an executive leadership team to assess critical decisions, such
Log in to continue reading
Thank you for visiting CeFPro Connect and reading our latest industry updates. To continue reading more, please create your free account. You'll enjoy the following great benefits:
WHAT'S INCLUDED
  • Unlimited access to peer-contribution articles and insights
  • Global research and market intelligence reports
  • Discover iNFRont Magazine, an NFR publication
  • Panel discussion and presentation recordings
REGISTER HERE > SIGN IN >
          
Skyscraper banner
Related insights
A new regulatory focus in compliance: Off-channel communication
A new regulatory focus in compliance: Off-channel communication
Fintech Advances and Financial Services – what does the post-covid road hold?
Fintech Advances and Financial Services – what does the post-covid road hold?
A mandate for model governance in the age of AI
A mandate for model governance in the age of AI
CeFPro's MD interviews Chief Risk Officer & Chief Compliance Officer, Issuer Services BNY Mellon at Risk EMEA 2023
CeFPro's MD interviews Chief Risk Officer & Chief Compliance Officer, Issuer Services BNY Mellon at Risk EMEA 2023
Fraud and Financial Crime Europe 2023 in review
Fraud and Financial Crime Europe 2023 in review