METHODS FOR THE IDENTIFICATION OF CYBER RISKS: AN ANALYSIS BASED ON PATENT DATA

The problem of fast-rising cyber-risks become very important in the era of the Fourth Industrial Revolution. Cyber-risks cause not only high losses but also break the chain of economic relations between companies and their customers. Besides, cyber risks change their form and structure rapidly, so the tools of risk management must be adequate. That is why the problem of cyber-risk identification and assessment has gotten attention and become so actual. The purpose of this study is to outline new approaches to identifying and estimating cyber-risks based on the dates of the World International Property Organization (WIPO). In order to conduct our study, we will use various tools and techniques such as: citation analysis, cluster analysis, and visualization. We have analyzed the patent information from the groups of “Electric digital data processing”, “Transmission of digital information” and data processing systems or methods, specially adapted for financial purposes. In our findings, we analyze the technical and economic significance of patents.Our work has led us to conclude that the number of methods of cyber risk identification that were the objects of applications granted by WIPO has a strong connection with the number of cyber-attacks from 2010 to 2017. That is why the innovative methods that were granted have a wide spectrum of influence and could be used in different stages of risk management. We selected patents that based on cyber risk identification and assessment from the data of WIPO and divided these patents into clusters. This helps us in understanding the trends and characters of innovative activities directed to successful management of cyber risks.

Download Full-text

RISK MANAGEMENT IN THE FINANCIAL SECTOR OF UKRAINE IN THE CONTEXT OF CYBER THREATS AND POST-PANDEMIC ECONOMIC RECOVERY

INNOVATIVE ECONOMY ◽

10.37332/2309-1533.2021.3-4.3 ◽

2021 ◽

pp. 19-27

Author(s):

Nazar Demchyshak ◽

Anastasiia Shkyria

Keyword(s):

Risk Management ◽

National Security ◽

Cyber Security ◽

Financial Sector ◽

Cyber Attacks ◽

Cyber Threats ◽

The World ◽

Cyber Threat ◽

Security Index ◽

Cyber Risk

Purpose. The aim of the article is substantiation of approaches of domestic and foreign scientists to risk management in the financial sector of Ukraine in the context of cyber threats and the need to ensure national security and post-pandemic economic recovery. Methodology of research. General scientific and special methods of scientific research are used in the article, in particular: induction, deduction, scientific abstraction - to reveal the essence of the concepts of "cyber threat", “cyber security" and "digitalization"; statistical and graphical methods - to assess the current situation in the field of cyber defence in the world and the national cyber security index; methods of analysis and synthesis - in substantiating the conclusions of the research. Finding. Definitions of cyber risk, approaches to its interpretation and classification were considered. The importance of cyber security in the digitalization of the national economy was argued. The Strategy of Ukrainian Financial Sector Development until 2025 is analysed. The world statistics of frequency and losses due to cyber-attacks are studied and the cyber threats that caused the greatest losses in Ukraine are identified. The analysis of Ukraine’s positions in the National Cyber Security Index 2020 is carried out. The directions of cyber threat prevention that can be useful for Ukrainian companies are substantiated. Originality. The author’s definition of the term "cyber risk" is proposed, in which special attention in focused on the effects of cyber threats. The importance of cyber risk management in the conditions of inevitability of digitalization in the financial sector of Ukraine is substantiated. Approaches to the prevention of cyber-attacks, the implementation of which is necessary for the successful digital transformation of Ukraine, are proposed. Practical value. The results of the research will contribute to the formation of an effective risk management system in the financial sector of Ukraine in terms of digitalization of the financial space and post-pandemic recovery of the national economy. Key words: national security, cyber risk, cyber threat, cyber defence, digitalization, post-pandemic recovery, fintech.

Download Full-text

Motivation-based Attacker Modelling for Cyber Risk Management: A Quantitative Content: Analysis and a Natural Experiment

Journal of Information Security and Cybercrimes Research ◽

10.26735/nmmd9869 ◽

2021 ◽

Vol 4 (2) ◽

pp. 30-43

Author(s):

Florian-Klaus Kaiser ◽

Marcus Wiens ◽

Frank Schultmann

Keyword(s):

Risk Management ◽

Content Analysis ◽

Natural Experiment ◽

Cyber Attacks ◽

Quantitative Content Analysis ◽

Risk Modelling ◽

Quantitative Content ◽

Heavy Burden ◽

Multi Method Approach ◽

Cyber Risk

Cyber-attacks have a tremendous impact on worldwide economic performance. Hence, it is vitally important to implement effective risk management for different cyber-attacks, which calls for profound attacker models. However, cyber risk modelling based on attacker models seems to be restricted to overly simplified models. This hinders the understanding of cyber risks and represents a heavy burden for efficient cyber risk management. This work aims to forward scientific research in this field by employing a multi-method approach based on a quantitative content analysis of scientific literature and a natural experiment. Our work gives evidence for the oversimplified modelling of attacker motivational patterns. The quantitative content analysis gives evidence for a broad and established misunderstanding of attackers as being illicitly malicious. The results of the natural experiment substantiate the findings of the content analysis. We thereby contribute to the improvement of attacker modelling, which can be considered a necessary prerequisite for effective cyber risk management.

Download Full-text

Solving Big GIS Projects on Desktop Computers

Kartografija i geoinformacije ◽

10.32909/kg.18.32.4 ◽

2019 ◽

Vol 18 (32) ◽

pp. 44-62

Author(s):

Dalibor Bartoněk

Keyword(s):

Big Data ◽

Data Processing ◽

Spatial Data ◽

Geographical Information Systems ◽

Information Technologies ◽

Digital Data ◽

Geographical Information ◽

Digital Information ◽

Big Data Processing ◽

Data Volume

We are witnessing great developments in digital information technologies. The situation encroaches on spatial data, which contain both attributive and localization features, and this determines their position unequally within an obligatory coordinate system. These changes have resulted in the rapid growth of digital data, significantly supported by technical advances regarding the devices which produce them. As technology for making spatial data advances, methods and software for big data processing are falling behind. Paradoxically, only about 2% of the total volume of data is actually used. Big data processing often requires high computation performance hardware and software. Only a few users possess the appropriate information infrastructure. The proportion of processed data would improve if big data could be processed by ordinary users. In geographical information systems (GIS), these problems arise when solving projects related to extensive territory or considerable secondary complexity, which require big data processing. This paper focuses on the creation and verification of methods by which it would be possible to process effectively extensive projects in GIS supported by desktop hardware and software. It is a project regarding new quick methods for the functional reduction of the data volume, optimization of processing, edge detection in 3D and automated vectorization.

Download Full-text

Commercial Maritime and Cyber Risk Management

Safety & Defense ◽

10.37105/sd.42 ◽

2019 ◽

Vol 5 (1) ◽

pp. 46-48

Author(s):

Akash RANA

Keyword(s):

Risk Management ◽

Best Practices ◽

Cyber Security ◽

Cyber Attacks ◽

Signal Interference ◽

Cyber Crime ◽

British Government ◽

Code Of Practice ◽

Starting Point ◽

Cyber Risk

The starting point of the paper is the recognition of the growing threat of cyber-attacks to commercial maritime. Constantly growing dependency on technology has obvious advantages, on the other hand, however, it makes commercial maritime vessels progressively more vulnerable to cyber-crime, including GPS signal interference, malware attacks or even gaining control over ships’ systems and networks. The main objective of the paper is to present and discuss the Guidelines on Cyber Security Onboard Ships developed by the International Maritime Organization, including best practices for implementation of cyber risk management. The article’s goal is to summarize the guidelines and to familiarize the reader with the reasons why and the methods how they should be implemented. The paper is concluded with an example how the Guidelines can be adopted by national authorities, i.e., a brief presentation of “Code of Practice: Cyber Security for Ships” – a document developed by the British government that transposes the IMO guidelines.

Download Full-text

A Study on Cyber Risk Management Measures due to the Increase in Cyber Attacks in the Shipping Industry

Regional Industry Review ◽

10.33932/rir.44.3.15 ◽

2021 ◽

Vol 44 (3) ◽

pp. 345-371

Author(s):

Young-Gon Kim ◽

Nak-Hyun Han ◽

Ho-Seok Ko ◽

Seong-Hoo Kim

Keyword(s):

Risk Management ◽

Cyber Attacks ◽

Shipping Industry ◽

Management Measures ◽

Cyber Risk

Download Full-text

Incident Command Futurism

International Oil Spill Conference Proceedings ◽

10.7901/2169-3358-2021.1.684446 ◽

2021 ◽

Vol 2021 (1) ◽

Author(s):

Josh Gravenmier ◽

Greg McGowan

Keyword(s):

Decision Making ◽

Data Collection ◽

Mechanical Response ◽

Cost Savings ◽

Risk Identification ◽

Digital Data ◽

Digital Information ◽

Incident Command ◽

Response Status ◽

Unified Command

ABSTRACT The availability of integrated remote sensing platforms and digital data collection and sharing tools is changing spill response. These tools facilitate a more effective and rapid decision-making process that can increase resource protection, improve responder safety, and reduce response costs. Early detection and response are a key to preventing smaller incidents from becoming larger. A variety of innovative tools now exist or are in development that could assist facilities and responders in the early stages and throughout an incident event to reduce human, environmental, and economic impacts. Real time field data collection for key parameters such as oil thickness and trajectory, SCAT data, oiled wildlife details, and resources at risk identification, allows for more robust data to be shared rapidly throughout the response operation. This information facilitates more effectively targeted deployment and re-deployment of human and mechanical response assets, and more immediate assessment of both environmental impacts and cleanup progress. Auto-population of incident command system forms as well as better document sharing and document retention through remote and cloud-based file saving platforms can improve the administrative and functional aspects of the response, contributing to enhanced efficiency. The ability to identify and effectively respond to rapidly changing circumstances provides the Unified Command with new tools to make better decisions and keep the public informed of progress. This paper considers new and emerging technologies as they may be applied to the work in a unified command setting, and how they may allow us to compress the operational period for decision-making and action, more accurately and more rapidly understand and share the spill response status, and how we may be able to enhance responder safety and recognize cost savings. We also consider some inherent risks associated with reliance on integrated technologies and digital information and will offer suggestions for drills and exercises to test and optimize these tools.

Download Full-text

Cyber-risk management: identification, prevention, and mitigation techniques

10.31219/osf.io/skxec ◽

2021 ◽

Author(s):

Naveen Kunnathuvalappil Hariharan

Keyword(s):

Risk Management ◽

Cyber Security ◽

Critical Infrastructure ◽

Identity Theft ◽

Cyber Attacks ◽

Cyber Terrorism ◽

Mitigation Techniques ◽

Cyber Risk ◽

Careful Management

Cyber-attacks on critical infrastructure, as well as the possibility of cyber-terrorism and even cyberwarfare, pose a threat to societies on a larger scale. Stakeholders are vulnerable to information theft,service disruptions, privacy and identity theft, fraud, espionage and sabotage. This article provides abrief overview of risk management, with a particular emphasis on cyber security and cyber-riskassessment. This article provides an overview of risk management, with a particular emphasis oncyber security detection, prevention, and mitigation techniques. We showed how organizations couldmitigate their cyber risk with careful management.

Download Full-text

Cyber Risk. The New Enemy for Risk Management in the Age of Globalisation

MANAGEMENT CONTROL ◽

10.3280/maco2018-su2007 ◽

2018 ◽

pp. 135-155 ◽

Cited By ~ 2

Author(s):

Chiara Crovini ◽

Giovanni Ossola ◽

Pier Luigi Marchini

Keyword(s):

Risk Management ◽

Cyber Risk

Download Full-text

Methodological bases and practice of risk management of regional development (part 1)

Herald of Omsk University. Series: Economics ◽

10.24147/1812-3988.2020.18(2).114-126 ◽

2020 ◽

Vol 18 (2) ◽

pp. 114-126

Author(s):

Valery V. Karpov ◽

Anna G. Breusova ◽

Anna A. Korableva

Keyword(s):

Risk Management ◽

Regional Development ◽

Regional Economy ◽

Full Range ◽

Risk Identification ◽

Territorial Development ◽

Public Authorities ◽

Strategic Risk ◽

Risk Committee ◽

State Programs

The article is devoted to the theoretical foundations and analysis of the experience of subjects of the Russian Federation in the field of regional development risk management. The article examines the concept of risk, its difference and relationship with the concepts of uncertainty, threat, danger, security and others. It is determined that dangers are constantly present in the regional economy. And risk, as a measurable uncertainty with multiple outcomes, for which the probability of occurrence of a risk event is calculated, is manifested as a result of the occurrence of a hazard. When comparing the concepts of risk and security, this means that the security of the regional economy is manifested in the ability to resist threats and manage risks, and not in the complete absence of dangers. It is revealed that ISO standards distinguish between the concepts of risk management and risk management. For further discussion, risk management is understood as a systematic approach to using the full range of mechanisms available to public authorities to reduce emerging risks and threats to the socio-economic development of the region. Further, the analysis of risk management in the practice of regional management on the example of the Omsk, Novosibirsk and Tyumen regions is carried out. The relevant tools in the activities of government bodies, such as territorial development strategies, state programs and projects, were identified, which allowed us to introduce a classification of risks with the allocation of strategic, tactical risks of territorial development and project management risks, among which there is a strategic level. The analysis of the implemented tools for compliance with the mandatory stages of risk management showed mainly the absence of risk identification, unified requirements for risk accounting and systematic risk management of regional development. Among the assessed regions, the Tyumen region has the best practices in terms of risk management. For a more detailed analysis authors highlighted the key institutional and instrumental elements of risk management such as risk committee, strategic risk map, risk register, action plan for risk management, and defined logical relationships between them.

Download Full-text

CONCEPTUALISING RISK CULTURE ON ERM IMPLEMENTATION IN CONSTRUCTION COMPANIES

Built Environment Journal ◽

10.24191/bej.v17i1.5988 ◽

2020 ◽

Vol 17 (1) ◽

pp. 59

Author(s):

Ching Ching Wong

Keyword(s):

Risk Management ◽

Risk Identification ◽

The Body ◽

Risk Indicators ◽

Construction Companies ◽

Risk Appetite ◽

Risk Culture ◽

Risk Treatment ◽

Managing Risk ◽

The Relationship

Enterprise Risk Management (ERM) is an effective technique in managing risk within an organization strategically and holistically. Risk culture relates to the general awareness, attitudes and behaviours towards risk management in an organisation. This paper presents a conceptual model that shows the relationship between risk culture and ERM implementation. The dependent variable is ERM implementation, which is measured by the four processes namely risk identification and risk assessment; risk treatment; monitor and consult; communicate and consult. The independent variables under risk culture are risk policy and risk appetite; key risk indicators; accountability; incentives; risk language and internal relationships. This study aims to empirically test the relationship between risk culture and ERM implementation among Malaysian construction public listed companies. Risk culture is expected to have direct effects and significantly influence ERM. This study contributes to enhance the body of knowledge in ERM especially in understanding significant of risk culture that influence its’ implementation from Malaysian perspective.

Download Full-text