ABSTRACT

Cyber risk is the second highest perceived business risk according to U.S. risk managers and corporate insurance experts. Digital assets now represent over 85% of an organization’s value. In a survey of Fortune 1000 organizations, 83% surveyed described cyber risk as an organizationally complex topic, with most using only qualitative metrics that provide little, if any insight into an effective cyber strategy.

Written by one of the foremost cyber risk experts in the world and with contributions from other senior professionals in the field, Managing Cyber Risk provides corporate cyber stakeholders – managers, executives, and directors – with context and tools to accomplish several strategic objectives. These include enabling managers to understand and have proper governance oversight of this crucial area and ensuring improved cyber resilience. Managing Cyber Risk helps businesses to understand cyber risk quantification in business terms that lead risk owners to determine how much cyber insurance they should buy based on the size and the scope of policy, the cyber budget required, and how to prioritize risk remediation based on reputational, operational, legal, and financial impacts.

Directors are held to standards of fiduciary duty, loyalty, and care. These insights provide the ability to demonstrate that directors have appropriately discharged their duties, which often dictates the ability to successfully rebut claims made against such individuals. Cyber is a strategic business issue that requires quantitative metrics to ensure cyber resiliency. This handbook acts as a roadmap for executives to understand how to increase cyber resiliency and is unique since it quantifies exposures at the digital asset level.

chapter |2 pages

Introduction

Purpose and organization of the handbook

part I|24 pages

Understanding cyber risk

chapter 1|11 pages

Cyber risk at the speed of data

chapter 2|11 pages

Dissecting cyber risk

part II|34 pages

Quantifying cyber risk

chapter 3|21 pages

Inherent cyber risk

chapter 4|11 pages

Residual cyber risk

part III|16 pages

Interconnected and innovative cyber risk

chapter 5|8 pages

Vendor cyber risk

chapter 6|6 pages

Future cyber risk

IoT, blockchain, AI, and quantum computing

part IV|17 pages

Mitigating cyber risk

chapter 7|9 pages

Cyber risk management tool kit

chapter 8|6 pages

Optimizing cyber risk resiliency

chapter |1 pages

Conclusion

Onward and upward