The effect of corporate risk management on cyber risk mitigation: Evidence from the insurance industry
SSCI
SCOPUS
- Title
- The effect of corporate risk management on cyber risk mitigation: Evidence from the insurance industry
- Authors
- JUNG, KWANGMIN; KIM, CHAN JIN; YUN, JIYEON
- Date Issued
- 2024
- Publisher
- Blackwell Publishing Inc.
- Abstract
- We examine how corporate risk management can be used to address a firm’s vulnerability to cyber risk. We use a large, novel dataset on cyber risk and corporate risk management to analyse US insurers’ cyber loss events during the period of 2000–2021. Our analysis includes information on whether insurers have implemented an enterprise risk management (ERM) programme and whether they report applying cyber risk management (CRM). The results illustrate that the implementation of CRM measures may have no significant effect on cyber risk mitigation. However, we determine that the likelihood (frequency) of a cyber loss event decreases by 3.9% (6.8%) as ERM programmes mature year on year. We also find that an insurer can benefit from implementing both CRM and ERM through a lowered event likelihood (frequency) of 3.8 percentage points on average (3.7 percentage points) per year compared to solely implementing an ERM programme. © The Geneva Association 2024.
- URI
- https://oasis.postech.ac.kr/handle/2014.oak/124229
- DOI
- 10.1057/s41288-024-00326-z
- ISSN
- 1018-5895
- Article Type
- Article
- Citation
- Geneva Papers on Risk and Insurance: Issues and Practice, 2024
- Files in This Item:
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.