2021
DOI: 10.1111/rmir.12169

Cyber risk management: History and future research directions

Abstract: Cybersecurity research started in the late 1960s and has continuously evolved under different names such as computer security and information security. This article briefly covers that history but will especially focus on the latest incarnation known as "cyber risk management," which includes both technical and economic/management dimensions. The main focus of the article is to review research on individual steps of the cyber risk management process and on the overall process to highlight gaps and determine re…

Cited by 60 publications (28 citation statements)
References 135 publications (235 reference statements)

“…With respect to CyberRM, Biener, Eling, Matt, et al (2015) as well as Eling and Schnell (2016), recommend the use of information security standards, such as the ISO 27001 standard, the IT Governance Framework COBIT or the US NIST Framework (see also BCBS, 2018; Higgs et al, 2016; Marotta & McShane, 2018). For a review of research on the respective process steps of cyber risk management, we refer to Eling et al (2021).…”
Section: Development Of Hypotheses Methodology and Data Sample (mentioning)
confidence: 99%
“…There is currently no standardized definition of cyber risk, with a variety of concretizations in the literature (see, e.g., Biener, Eling, Matt, et al, 2015; Biener, Eling, & Wirfs, 2015; Eling & Schnell, 2016; Eling et al, 2021; Shetty et al, 2018). Empirical studies regarding cyber risks mainly focus on the market reactions of data, information, and internet security breaches, or specific methods of attack, such as denial‐of‐service attacks (see, e.g., Gatzlaff & McCullough, 2010).…”
Section: Introduction (mentioning)
confidence: 99%
“…Several interesting works have arisen that study the emerging market for cyber risk insurance, see discussions in Eling and Schnell (2016), McShane et al. (2021) and the editorial and associated special issue of Boyer (2020) and references therein. Recently, McShane et al.…”
Section: Significance Of Cyber Risk Losses and Cyber Insurance Markets (mentioning)
confidence: 99%
“…From a quantitative perspective, the likelihood and impact are the main components of a risk equation [83]. Risk mitigation in healthcare systems involves prioritizing, evaluating, and implementing the appropriate risk-reducing controls recommended by the cybersecurity risk management journal [89]. Different risk mitigation options are risk acceptance, risk avoidance, risk reduction, and risk transference.…”
Section: F Nist Orientation - Security Controls and Risk Management (mentioning)
confidence: 99%