IDEAS home Printed from https://ideas.repec.org/p/cpr/ceprdp/13324.html

Some Principles for Regulating Cyber Risk

Author

Listed:
  • Kashyap, Anil
  • Wetherilt, Anne

Abstract

We explain why cyber risk differs from other operational risks in the financial sector. The form of cyber shocks differs because of their intent, probability of success, possibility of a hidden phase and evolving form of the risks. The impact differs because problems can spread quickly and because uncertainty over the possibility of a hidden phase can impact responses. We explain why private incentives to attend to these risks may differ from societies’ preferences and develop six (micro- and macroprudential) regulatory principles to deal with cyber risk.

Suggested Citation

  • Kashyap, Anil & Wetherilt, Anne, 2018. "Some Principles for Regulating Cyber Risk," CEPR Discussion Papers 13324, Centre for Economic Policy Research.
    • Handle: RePEc:cpr:ceprdp:13324
    as

    Download full text from publisher

    File URL: https://cepr.org/publications/DP13324
    Download Restriction: no
    ---><---

    Other versions of this item:

    References listed on IDEAS

    as
    1. Emanuel Kopp & Lincoln Kaffenberger & Christopher Wilson, 2017. "Cyber Risk, Market Failures, and Financial Stability," IMF Working Papers 2017/185, International Monetary Fund.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. José Ramón Martínez Resano, 2022. "Digital resilience and financial stability. The quest for policy tools in the financial sector," Financial Stability Review, Banco de España, issue Autumn.
    2. Caporale, Guglielmo Maria & Kang, Woo-Young & Spagnolo, Fabio & Spagnolo, Nicola, 2020. "Non-linearities, cyber attacks and cryptocurrencies," Finance Research Letters, Elsevier, vol. 32(C).
    3. Antoine Bouveret, 2018. "Cyber Risk for the Financial Sector: A Framework for Quantitative Assessment," IMF Working Papers 2018/143, International Monetary Fund.
    4. Silvia Facchinetti & Paolo Giudici & Silvia Angela Osmetti, 2020. "Cyber risk measurement with ordinal data," Statistical Methods & Applications, Springer;Società Italiana di Statistica, vol. 29(1), pages 173-185, March.
    5. Aldasoro, Iñaki & Gambacorta, Leonardo & Giudici, Paolo & Leach, Thomas, 2022. "The drivers of cyber risk," Journal of Financial Stability, Elsevier, vol. 60(C).
    6. Alessandro Fedele & Cristian Roner, 2022. "Dangerous games: A literature review on cybersecurity investments," Journal of Economic Surveys, Wiley Blackwell, vol. 36(1), pages 157-187, February.
    7. Berger, Allen N. & Curti, Filippo & Mihov, Atanas & Sedunov, John, 2022. "Operational Risk is More Systemic than You Think: Evidence from U.S. Bank Holding Companies," Journal of Banking & Finance, Elsevier, vol. 143(C).
    8. Claudiu Ioan Negrea, 2022. "Can Cyber Risk Affect Financial Stability?," Ovidius University Annals, Economic Sciences Series, Ovidius University of Constantza, Faculty of Economic Sciences, vol. 0(1), pages 368-376, September.
    9. Anum Khan & Muhammad Shujaat Mubarik & Navaz Naghavi, 2023. "What matters for financial inclusions? Evidence from emerging economy," International Journal of Finance & Economics, John Wiley & Sons, Ltd., vol. 28(1), pages 821-838, January.
    10. Yin-Yee Leong & Yen-Chih Chen, 2020. "Cyber risk cost and management in IoT devices-linked health insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 737-759, October.
    11. Lyócsa, Štefan & Molnár, Peter & Plíhal, Tomáš & Širaňová, Mária, 2020. "Impact of macroeconomic news, regulation and hacking exchange markets on the volatility of bitcoin," Journal of Economic Dynamics and Control, Elsevier, vol. 119(C).
    12. Kung‐Cheng Ho & Shih‐Cheng Lee & Zikui Pan & Andreas karathanasopoulos, 2026. "How Does Cyber Risk Impact Systemic Stability?," Journal of Forecasting, John Wiley & Sons, Ltd., vol. 45(2), pages 589-604, March.
    13. Yin-Yee Leong & Yen-Chih Chen, 0. "Cyber risk cost and management in IoT devices-linked health insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-23.
    14. Mark W. Hodgins, 2025. "The cybersecurity entrepreneur," The Review of Austrian Economics, Springer;Society for the Development of Austrian Economics, vol. 38(3), pages 265-286, September.
    15. José Ramón Martínez Resano, 2022. "Digital resilience and financial stability. The quest for policy tools in the financial sector," Financial Stability Review, Banco de España, issue Autumn.
    16. Francisco José Herrera Luque & José Munera López & Paul Williams, 2021. "Cyber risk as a threat to financial stability," Revista de Estabilidad Financiera, Banco de España, issue Primavera.
    17. Mouhamadou Sow & Christina Gehrke, 2019. "Evaluating Information Security System Effectiveness for Risk Management, Control, and Corporate Governance," Business and Economic Research, Macrothink Institute, vol. 9(1), pages 164-172, March.
    18. Paolo Giudici & Emanuela Raffinetti, 2021. "Cyber risk ordering with rank-based statistical models," AStA Advances in Statistical Analysis, Springer;German Statistical Society, vol. 105(3), pages 469-484, September.
    19. Franklin Allen & Xian Gu & Julapa Jagtiani, 2021. "A Survey of Fintech Research and Policy Discussion," Review of Corporate Finance, now publishers, vol. 1(3-4), pages 259-339, July.
    20. Mohammed Afzal & Mohd. Shamim Ansari & Naseem Ahmad & Mohammad Shahid & Mohd. Shoeb, 2024. "Cyberfraud, usage intention, and cybersecurity awareness among e-banking users in India: an integrated model approach," Journal of Financial Services Marketing, Palgrave Macmillan, vol. 29(4), pages 1503-1523, December.

    More about this item

    Keywords

    ;
    ;
    ;

    JEL classification:

    • G18 - Financial Economics - - General Financial Markets - - - Government Policy and Regulation
    • G28 - Financial Economics - - Financial Institutions and Services - - - Government Policy and Regulation
    • L51 - Industrial Organization - - Regulation and Industrial Policy - - - Economics of Regulation
    • O33 - Economic Development, Innovation, Technological Change, and Growth - - Innovation; Research and Development; Technological Change; Intellectual Property Rights - - - Technological Change: Choices and Consequences; Diffusion Processes

    NEP fields

    This paper has been announced in the following NEP Reports:

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:cpr:ceprdp:13324. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CEPR (email available below). General contact details of provider: https://cepr.org/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.