In today’s world of interconnected computer-based information systems, cyber risk has become one of the critical risk factors impacting organizations. Indeed, several studies have shown that cyber risk (for exmaple, the probability of being the victim of a successful cyber-attack) is one of the, if not the, top risk concerns to senior executives in private, as well as public, sector organizations. Auditors have also recognized the critical nature of cyber risk to organizations, as evidenced by the American Institute of Public Accountants’ development of its cybersecurity risk management reporting framework. Cybersecurity risk is also a key concern to the U.S. Securities and Exchange Commission, as evidenced by its 2023 disclosure rules requiring registrants to include Item 1C (Cybersecurity) in Form 10-K and to disclose material cyber incidents in Form 8-K.
AI Models
The technical arsenal used by organizations to manage their cyber risk includes such things as encryption, access controls, intrusion detection and prevention systems, firewalls, and system restoration. Over the last two decades, artificial intelligence models have been widely used to assist…
