Special Issue "Cyber Risk and Security"

A special issue of Risks (ISSN 2227-9091).

Deadline for manuscript submissions: 20 October 2020.

Special Issue Editors

Dr. Michel Dacorogna
Website
Guest Editor
Prime Re Solutions, 6340 Baar, Switzerland
Interests: quantitative risk management; finance; insurance economics; actuarial science
Prof. Marie Kratz
Website
Guest Editor
ESSEC Business School, CREAR risk research center, Paris - Singapore
Interests: risk analysis and management; extreme value theory; probability and statistics; actuarial mathematics

Special Issue Information

Dear Colleagues,

Cyber threats and cyber crimes have increased in recent decades, due to a rapid diffusion of new and evolving Information and Communication Technologies (ICT) such as social media, cloud computing, big data, Internet of Things (IoT), and smart cities in recent decades. Organizations have delayed the adoption of big data and the cloud due to real and perceived cyber threats associated with such technologies. (Re)insurance are asked to insure cyber risks, but it is a hot ongoing research topic as today there is no clear view on how to model cyber risk and hence how to price it. The importance of cyber security for organizations is growing. Cyber security entails being able to be able to create a typology of cyber offenses and cyber risks and to analyze them in order to be able to manage them (to minimize and prevent cyber attack risks facing a company or an organization).

Research on cyber risks and security is by nature multi-disciplinary and involves researchers from data analytics, economics, finance, forensic science, information systems, IT, management science, and mathematics. The journal Risks offers an ideal platform to gather forefront research from different fields on the complex subject of cyber risk and security. This Special Issue aims at publishing high-quality papers focused on quantitative analysis and management on this topic.

Our ambition is to offer a discussion of the state-of-the-art and introduce new theoretical or/and practical developments in this field. We welcome papers related to, but not limited to, the following topics (in alphabetic order):

  • Artificial intelligence and cyber risk and security;
  • Crypto-currencies and cyber security;
  • Cyber forensics;
  • Cyber risk scenarios;
  • Cyber (re)insurance;
  • Cyber security/resilience metrics and their measurements;
  • Data analytics of cyber crimes;
  • Data anonymization and security algorithms;
  • Hedging of cyber risk;
  • Modeling of cyber risks;
  • Strategies (economics, IT) for cyber resilience or security;
  • Systemic cyber risk;
  • Text data mining and cyber risk and security.

We welcome joint contributions by authors from different fields.

Dr. Michel Dacorogna
Prof. Marie Kratz
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Risks is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (2 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Open AccessArticle
A Multivariate Model to Quantify and Mitigate Cybersecurity Risk
Risks 2020, 8(2), 61; https://doi.org/10.3390/risks8020061 - 04 Jun 2020
Abstract
The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent types [...] Read more.
The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent types of attack and the effect of mitigation strategies on those attacks. Utilising collected cyber attack data and assumptions on mitigation approaches, we look at an example of using the model to optimise the choice of mitigations. We find that the optimal choice of mitigations will depend on the goal—to prevent extreme damages or damage on average. Numerical experiments suggest the dependence aspect is important and can alter final risk estimates by as much as 30%. The methodology can be used to quantify the cost of cyber attacks and support decision making on the choice of optimal mitigation strategies. Full article
(This article belongs to the Special Issue Cyber Risk and Security)
Show Figures

Figure 1

Open AccessArticle
Towards an Economic Cyber Loss Index for Parametric Cover Based on IT Security Indicator: A Preliminary Analysis
Risks 2020, 8(2), 45; https://doi.org/10.3390/risks8020045 - 08 May 2020
Abstract
As cyber events have virtually no geographical limitations and can result in economic losses on a global scale, the assessment of return periods for such economic losses is currently debated among experts. The potential accumulation of consequential insurance losses due to intrusions or [...] Read more.
As cyber events have virtually no geographical limitations and can result in economic losses on a global scale, the assessment of return periods for such economic losses is currently debated among experts. The potential accumulation of consequential insurance losses due to intrusions or viruses is one of the major reasons why the (re-)insurance industry has limited risk appetite for cyber related risks. In order to increase the risk appetite for cyber risk and based on a first batch of data provided by Symantec, the goal of this article is to: Check if IT activity, i.e., the number of virus or intrusions being blocked by Norton on end-user computers could be used as an index for parametric covers that reinsurance companies could propose to their cedants; Look into the correlations of this IT activity across different regions, thereby confirming the absence of geographical limitations for cyber risk, and hence confirming the systemic nature of this risk. This first study on the Symantec dataset shows that a cyber index based on IT activity could be a useful tool to design parametric reinsurance product. Full article
(This article belongs to the Special Issue Cyber Risk and Security)
Show Figures

Figure 1

Back to TopTop