What is cyber risk
The Institute of Risk Management (IRM) defines cyber risk as “any risk of financial loss, disruption or damage to the reputation of an organisation from some sort of failure of its information technology systems”. Cybersecurity risk is not just a buzzword – it has become one of the most major concerns for board members in companies around the world. In Deloitte’s ‘Global risk management survey’, which provides findings on the state of risk management for the global financial services industry, cybersecurity risk has been reported to be one of the greatest risk concerns.
Regulators around the world have picked up on this growing challenge by increasing their focus on cybersecurity risk. For instance, in December 2018 the European Banking Authority (EBA) published a consultation paper with proposed guidelines on ICT and security risk. As part of the consultation process, large banks were requested to populate an ICT questionnaire.
Another European regulator, the European Securities and Market Authority (ESMA), extended its operational risks analysis to include cyber risk. In addition, the European Union Agency for Network and…
