Abstract
Cyber risk has become a key issue for stakeholders in the financial system. But its properties are still not precisely characterized and well understood. To help develop a better understanding, we discuss the properties of cyber risk and categorize various cyber risk scenarios. Furthermore, we present a conceptual framework for assessing systemic cyber risk to individual countries. This involves analyzing cyber risk exposures, assessing cybersecurity and preparedness capabilities, and identifying buffers available to absorb cyber risk–induced shocks.
Introduction
Internet usage is globally expanding at a rapid pace. According to the International Telecommunications Union (ITU), 1.5 billion new users accessed the internet between 2010 and 2016.1 Although internet access fosters digital, social, and financial inclusion, the ever-expanding digitalization of life increasingly provides opportunities for adversaries. These opportunities range from criminals conducting financial fraud and information theft to sophisticated hackers conducting disruptive and even destructive cyber attacks.
Assessing and managing systemic cyber risk remains challenging. The financial…
