ABSTRACT
Cyber risk management is no different although the precise actions one can take will depend on the individual risks. Some cyber risks are possible to avoid. For instance the risk of strategic data leaking from a personal smartphone that gets lost is avoidable if one forbids people to bring smartphones into an office environment or connect them to corporate systems. Methods of avoiding cyber risk may be appropriate for some highly secure organisations. Some cyber risks are transferrable. There is a growing market for cyber risk insurance for instance. Most of the protection refers to monetary loss caused by network attacks. The use of third parties such as online payment processors or specialist companies with certified and audited capabilities in cyber security, can also potentially transfer at least some risk to the specialist organisation, for instance allowing an organisation to escape regulatory censure.
