Author
Listed:
- A. Berdyugin A.
(Financial University)
- P. Revenkov V.
(Financial University)
- А. Бердюгин А.
(Финансовый университет)
- П. Ревенков В.
(Финансовый университет)
Abstract
The authors investigate the risks of computer attacks on automated banking systems. The relevance of the study is due to the need to revise the approaches to risk assessment based on the technical components of banking business processes and the consequences of cyber-attacks aimed at banking automated systems in credit institutions. The aim of the study is to describe the developed methods for assessing cyber risks in a commercial bank and provide an option for assessing the risks of information security violations in electronic banking technologies. The methodology of the article includes the analysis of domestic and foreign literature on the research topic, the theoretical and probabilistic method of calculation, computer programming and graphic interpretation of information. The authors analysed the operational risk of a commercial bank to develop components of the operational risk management system in the context of developing electronic banking technologies. They designed a computer program to quantify risk probabilities of cyberattacks on electronic banking technologies (by means of Borland Delphi). The work presents a formalised probabilistic model for determining the most vulnerable segment of risk management techniques used by information security structures. The conclusion is that it is possible to develop a software package based on a mathematical model that reduces the number of checks of risk factors by several times. The research results may be of further use for the development of risk divisions in credit institutions using electronic banking technologies. Авторы исследуют риски компьютерных атак на автоматизированные банковские системы. Актуальность исследования обусловлена необходимостью пересмотра подходов к оценке рисков, в основе которых лежат технические составляющие банковских бизнес-процессов и последствия кибератак, направленных на банковские автоматизированные системы в кредитных организациях. Цель исследования состоит в описании разработанных методов оценки киберриска в коммерческом банке и предложении одного из вариантов оценки рисков нарушения информационной безопасности в технологиях электронного банкинга. Методология статьи включает анализ отечественной и зарубежной литературы по теме исследования, теоретико-вероятностный метод расчета, компьютерное программирование и графическую интерпретацию информации. Проанализирован операционный риск коммерческого банка для разработки компонентов системы операционного риск-менеджмента в условиях развития технологий электронного банкинга. Разработана компьютерная программа для количественной оценки вероятности риска воздействия кибератак на технологии электронного банкинга (с использованием Borland Delphi). Формализована вероятностная модель определения наиболее уязвимого сегмента техник риск-менеджмента, используемых структурами по обеспечению информационной безопасности. Сделан вывод о возможности разработки программного комплекса на основании математической модели, позволяющей сократить количество проверок факторов риска в несколько раз. Результаты исследования могут быть применены для дальнейших практических разработок риск-подразделений кредитных организаций, использующих технологии электронного банкинга.
Suggested Citation
Download full text from publisher
More about this item
Keywords
;
;
;
;
;
;
;
;
;
;
;
;
;
;
;
;
;
;
;
;
JEL classification:
- G21 - Financial Economics - - Financial Institutions and Services - - - Banks; Other Depository Institutions; Micro Finance Institutions; Mortgages
- G32 - Financial Economics - - Corporate Finance and Governance - - - Financing Policy; Financial Risk and Risk Management; Capital and Ownership Structure; Value of Firms; Goodwill
- L86 - Industrial Organization - - Industry Studies: Services - - - Information and Internet Services; Computer Software
- G21 - Financial Economics - - Financial Institutions and Services - - - Banks; Other Depository Institutions; Micro Finance Institutions; Mortgages
- G32 - Financial Economics - - Corporate Finance and Governance - - - Financing Policy; Financial Risk and Risk Management; Capital and Ownership Structure; Value of Firms; Goodwill
- L86 - Industrial Organization - - Industry Studies: Services - - - Information and Internet Services; Computer Software
Statistics
Access and download statistics
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:scn:financ:y:2020:i:6:p:51-60. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Алексей Скалабан (email available below). General contact details of provider: http://financetp.fa.ru .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.