Article | REF: SE2505 V2

Cyber risk management - Risk identification, detection, analysis, treatment and transfer

Authors: Nicolas DUFOUR, Matthieu BARRIER

Publication date: September 10, 2022

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!


Overview

Français

Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.

Read the article

AUTHORS

  • Nicolas DUFOUR: Doctorate in Management Sciences, - Associate University Professor, CNAM LIRSA, - Insurance risk manager, ANTONY France

  • Matthieu BARRIER: Cyber security expert, MB CONSEIL, Paris France

 INTRODUCTION

H ow are cyber-risks saturating the news?

The notion of cyber risk can be defined as the set of threats that exploit computer and Internet space to take advantage of organizations' vulnerabilities to break into their systems and thus recover their financial or intangible assets (sensitive and personal data, for example). Cyber risk often has high-profile consequences for the companies affected, in terms of financial, reputational and regulatory impact, and even business interruption. Numerous corporate cases illustrate this (Yahoo, Uber, Sony PlayStation Network, EasyJet, British Airways, MMA). No company, and no sector, can consider itself immune to these risks, which are often regarded as external and sudden. The purpose of this article is to look at the players involved in this area, the impact of these risks, and the associated risk management measures.

Cyber-risk can be defined as all the risks associated with threats of external intrusion or internal vulnerabilities and malicious acts using Internet data transmission channels and associated peripherals and technologies (shared data storage space, company messaging systems, Wi-Fi spotlights). The aim of these intrusions is most often to steal information, critical data for business continuity, but also sensitive data for customers and employees (banking data, personal data, health data), enabling the extortion of sums of money.

Since the early 2010s, every company has been at risk of a cyber-attack, but when it happens, how do you react? Answering this question requires a clear understanding of the reputational, business continuity, financial and operating loss issues associated with this risk. In order to address this risk, this article will successively detail the identification of cyberthreats, the detection and analysis of this risk, and then look at the players involved and the different types of means of control.

Articles [SE 2 500] and [SE 2 501] address the need for a comprehensive approach to IT security, including a summary of IT risk or exposure to the risk of computer viruses, and a summary of analysis methods

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!


The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors
+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year
From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Security of information systems

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Cyber risk management
Outline