IDEAS home Printed from https://ideas.repec.org/a/aea/apandp/v109y2019p482-87.html

Some Principles for Regulating Cyber Risk

Author

Listed:
  • Anil K. Kashyap
  • Anne Wetherilt

Abstract

We explain why cyber risk differs from other operational risks in the financial sector. The form of cyber shocks differs because of their intent, probability of success, possibility of a hidden phase, and evolving form of the risks. The impact differs because problems can spread quickly and because uncertainty over the possibility of a hidden phase can impact responses. We explain why private incentives to attend to these risks may differ from societies' preferences and develop six (micro- and macroprudential) regulatory principles to deal with cyber risk.

Suggested Citation

  • Anil K. Kashyap & Anne Wetherilt, 2019. "Some Principles for Regulating Cyber Risk," AEA Papers and Proceedings, American Economic Association, vol. 109, pages 482-487, May.
    • Handle: RePEc:aea:apandp:v:109:y:2019:p:482-87
    Note: DOI: 10.1257/pandp.20191058
    as

    Download full text from publisher

    File URL: https://www.aeaweb.org/doi/10.1257/pandp.20191058
    Download Restriction: no
    File URL: https://www.aeaweb.org/doi/10.1257/pandp.20191058.ds
    Download Restriction: Access to full text is restricted to AEA members and institutional subscribers.
    ---><---

    Other versions of this item:

    Citations

    Blog mentions

    As found by EconAcademics.org, the blog aggregator for Economics research:
    1. Cyber Risk, Financial Stability and the Payments System
      by Steve Cecchetti and Kim Schoenholtz in Money, Banking and Financial Markets on 2020-07-26 15:50:41

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. José Ramón Martínez Resano, 2022. "Digital resilience and financial stability. The quest for policy tools in the financial sector," Financial Stability Review, Banco de España, issue Autumn.
    2. Rustam Jamilov & Hélène Rey & Ahmed Tahoun, 2021. "The Anatomy of Cyber Risk," NBER Working Papers 28906, National Bureau of Economic Research, Inc.
    3. Abthal Abdajabar & Nur Arzilawati Md Yunus, 2023. "A Review On The Impact Of Cybersecurity Crimes In Financial Institutions During The Time Of Covid-19," Acta Informatica Malaysia (AIM), Zibeline International Publishing, vol. 7(1), pages 19-23, February.
    4. Francisco José Herrera Luque & José Munera López & Paul Williams, 2021. "Cyber risk as a threat to financial stability," Financial Stability Review, Banco de España, issue Spring.
    5. Douglas Cumming & My Nguyen & Anh Viet Pham & Ama Samarasinghe, 2025. "Banking system stability: A global analysis of cybercrime laws," Papers 2512.01237, arXiv.org.
    6. Crosignani, Matteo & Macchiavelli, Marco & Silva, André F., 2023. "Pirates without borders: The propagation of cyberattacks through firms’ supply chains," Journal of Financial Economics, Elsevier, vol. 147(2), pages 432-448.
    7. José Ramón Martínez Resano, 2022. "Digital resilience and financial stability. The quest for policy tools in the financial sector," Revista de Estabilidad Financiera, Banco de España, issue Otoño.
    8. Bertay, Ata & Huizinga, Harry, 2021. "Digital Transformation – Why Do Some Significant Banks Fall Behind," Other publications TiSEM b258b284-d868-4062-b11b-e, Tilburg University, School of Economics and Management.
    9. Boot, Arnoud & Hoffmann, Peter & Laeven, Luc & Ratnovski, Lev, 2021. "Fintech: what’s old, what’s new?," Journal of Financial Stability, Elsevier, vol. 53(C).
    10. Thomas M. Eisenbach & Anna Kovner & Michael Junho Lee, 2022. "When It Rains, It Pours: Cyber Risk and Financial Conditions," Staff Reports 1022, Federal Reserve Bank of New York.
    11. Francisco José Herrera Luque & José Munera López & Paul Williams, 2021. "Cyber risk as a threat to financial stability," Financial Stability Review, Banco de España, issue Spring.
    12. Eisenbach, Thomas M. & Kovner, Anna & Lee, Michael Junho, 2022. "Cyber risk and the U.S. financial system: A pre-mortem analysis," Journal of Financial Economics, Elsevier, vol. 145(3), pages 802-826.
    13. Kerssenfischer, Mark & Helmus, Caspar, 2024. "Outages in sovereign bond markets," Working Paper Series 2944, European Central Bank.
    14. Chang, Jin-Wook & Jayachandran, Kartik & Ramírez, Carlos A. & Tintera, Ali, 2024. "On the anatomy of cyberattacks," Economics Letters, Elsevier, vol. 238(C).
    15. Aldasoro, Iñaki & Gambacorta, Leonardo & Giudici, Paolo & Leach, Thomas, 2022. "The drivers of cyber risk," Journal of Financial Stability, Elsevier, vol. 60(C).
    16. Facchinetti, Silvia & Osmetti, Silvia Angela & Tarantola, Claudia, 2023. "Network models for cyber attacks evaluation," Socio-Economic Planning Sciences, Elsevier, vol. 87(PB).
    17. Ramírez, Carlos A., 2025. "On equilibrium cyber risk," Economics Letters, Elsevier, vol. 251(C).
    18. Matteo Malavasi & Gareth W. Peters & Stefan Treuck & Pavel V. Shevchenko & Jiwook Jang & Georgy Sofronov, 2024. "Cyber Risk Taxonomies: Statistical Analysis of Cybersecurity Risk Classifications," Papers 2410.05297, arXiv.org.
    19. Strauss, Tal, 2026. "Cyber Risk, Regulation, and Firm Resilience," Other publications TiSEM efb58ae1-e7b6-41dc-b403-2, Tilburg University, School of Economics and Management.
    20. José Ramón Martínez Resano, 2022. "Digital resilience and financial stability. The quest for policy tools in the financial sector," Financial Stability Review, Banco de España, issue Autumn.
    21. Francisco José Herrera Luque & José Munera López & Paul Williams, 2021. "Cyber risk as a threat to financial stability," Revista de Estabilidad Financiera, Banco de España, issue Primavera.
    22. Anand, Kartik & Duley, Chanelle & Gai, Prasanna, 2022. "Cybersecurity and financial stability," Discussion Papers 08/2022, Deutsche Bundesbank.
    23. Anil K Kashyap, 2020. "My Reflections on the FPC's Strategy," Journal of Money, Credit and Banking, Blackwell Publishing, vol. 52(S1), pages 63-75, October.
    24. Thomas M. Eisenbach & Anna Kovner & Michael Junho Lee, 2025. "When It Rains, It Pours: Cyber Vulnerability and Financial Conditions," Economic Policy Review, Federal Reserve Bank of New York, vol. 31(1), pages 1-24, January.
    25. Bertay, Ata & Huizinga, Harry, 2021. "Why Do Some Significant Banks Fall Behind?," Other publications TiSEM 10694b73-0f21-477c-80fe-7, Tilburg University, School of Economics and Management.

    More about this item

    JEL classification:

    • G00 - Financial Economics - - General - - - General
    • K24 - Law and Economics - - Regulation and Business Law - - - Cyber Law
    • L51 - Industrial Organization - - Regulation and Industrial Policy - - - Economics of Regulation

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:aea:apandp:v:109:y:2019:p:482-87. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Michael P. Albert (email available below). General contact details of provider: https://edirc.repec.org/data/aeaaaea.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.