The cyber-resilience of financial institutions: significance and applicability

Dupont, Benoît

doi:10.1093/cybsec/tyz013

Cited by 56 publications

(30 citation statements)

References 49 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…They advocate a holistic approach based on a systems perspective considering interactions between risks and developing risk governance that promotes resilience in dealing with adaptive adversaries. The resilience concept originated in material sciences, was adopted by psychology in the 1970s, and later applied to urban resilience and disaster management (Dupont, 2019). This multidisciplinary interest indicates the broad appeal of the concept, but research is still fragmented and difficult to generalize and apply to the cyber domain (Bagheri & Ridley, 2017; Linkov et al, 2013a).…”

Section: Future Research: Gaps In Cyber Risk Researchmentioning

confidence: 99%

Cyber risk management: History and future research directions

McShane

Eling

Nguyen

2021

Risk Manage Insurance Review

View full text Add to dashboard Cite

Cybersecurity research started in the late 1960s and has continuously evolved under different names such as computer security and information security. This article briefly covers that history but will especially focus on the latest incarnation known as "cyber risk management," which includes both technical and economic/management dimensions. The main focus of the article is to review research on individual steps of the cyber risk management process and on the overall process to highlight gaps and determine research directions. Two main findings are that cyber risk is difficult to include in the overall enterprise risk management process and that a move toward cyber resilience is necessary to deal with such a complex risk. Both findings require a level of interdisciplinary collaboration that is currently lacking.

show abstract

Section: Future Research: Gaps In Cyber Risk Researchmentioning

confidence: 99%

Cyber risk management: History and future research directions

McShane

Eling

Nguyen

2021

Risk Manage Insurance Review

View full text Add to dashboard Cite

show abstract

“…They also bring together functional, business, human, trustworthiness, timing, data, boundaries, composability, and lifecycle elements [47]. Resilience is a particularly highlighted issue in the current literature [72; 78], especially in the financial sector [78].…”

Section: Developmentmentioning

confidence: 99%

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

2021

View full text Add to dashboard Cite

In the present work, we propose and validate a Common Criteria Standard Protection Profile (sPP) for videoconferencing equipment. The research presents the definition and analysis of the homologation system used to validate the standard protection profile, focusing on its application focused in a large Brazilian financial company. We address the main points to consider in the acquisition and current use of this product: reasonable information security assumptions, technical standards, recommendations, and international best cybersecurity practices. As a result, we have developed a Standard Protection Profile identifying the information security risks involved and the minimum parameters required in those systems acquired and used for Government environments. This paper also presents all tests performed to validate the proposed sPP. As the application is critical, involving sensitive data, our results can also foster less risky conditions in the myriad situations caused by the COVID pandemic.

show abstract

“…La materialización de un ciberataque es una situación que rompe con las certezas que se tienen en los modelos tradicionales de seguridad y control, lo que crea inestabilidad e incierto en las actuaciones de las naciones y empresas. Por tanto, es necesario reconstruir los supuestos de base del entendimiento de la dinámica empresarial para pasar de una postura de "riesgo cero" a una política de umbrales de operación, donde se reconoce la falla como parte inherente de la práctica empresarial y como base de una cultura de aprendizaje que hace más resistente a la empresa y la nación frente a estos eventos (Dupont, 2019).…”

Section: Reflexiones Finalesunclassified

Ciberataques

Cano

2020

SISTEMAS

View full text Add to dashboard Cite

En un contexto cada vez más digital y de iniciativas innovadoras con tecnología de información se desarrolla una economía digital que conecta los diferentes actores de la sociedad, con el fin crear nuevos ecosistemas de negocios en los que es posible concretar oportunidades, utilidades y experiencias inéditas para los diferentes grupos de interés. En este sentido, la inseguridad digital, representada en los ciberataques, se configura como un impuesto progresivo que grava la confianza digital de los consumidores y crea zonas inciertas que afectan la dinámica empresarial y la prosperidad económica de las naciones. En consecuencia, este artículo desarrolla una reflexión conceptual alrededor de este nuevo impuesto progresivo, así como algunas ideas para concretar su elusión en un entorno cada vez más digital y tecnológicamente modificado.

show abstract

The cyber-resilience of financial institutions: significance and applicability

Cited by 56 publications

References 49 publications

Cyber risk management: History and future research directions

Cyber risk management: History and future research directions

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

Ciberataques

Contact Info

Product

Resources

About