Evaluating and Establishing Baseline Security Requirements in Cloud Computing: An Enterprise Risk Management Approach
In today's digital age, businesses use cloud services to boost their operations exponentially. While this trend presents excellent potential, it is marred by significant concerns over the safety of data stored in the cloud. As the demand for cloud computing increases, businesses face issues ranging from data breaches and provider security to service availability and regulatory compliance.
Integrating Cybersecurity and Enterprise Risk Management (ERM)
The increasing frequency, creativity, and severity of cybersecurity attacks means that all enterprises should ensure that cybersecurity risk is receiving appropriate attention within their enterprise risk management (ERM) programs.
Cyber Risks: Systematic Literature Analysis
This systematic literature review focuses on the digitalization theme and its associated risks, particularly cyber risks. Conducted through a comprehensive exploration of the Scopus database over two decades, employing keywords such as "digitalization," "digitization," and "digital risks," this research aimed to understand the evolution of terminology and scholarly discourse in this domain. The investigation initially targeted "digital risks" but shifted towards keywords like "cyber risks," "cybersecurity," and "cyber resilience" to reflect the changing landscape. The review traces the origins of the often-employed keyword "industry 4.0" and its impact on research interests, prompting a focus on more recent publications due to the rapid pace of development in the field.
Defining Cyber Risk
Rapid digitization of the economy and social relations is the main reason why the issues of cyber risk, cyber threats and cybersecurity are continually gaining importance. Despite the increase in the number of research papers in these areas, scholarly articles defining cyber risk are relatively scarce. Moreover, the uniform broadly accepted definition of cyber risk has not been adopted yet, probably due to the interdisciplinary nature of this concept and the dynamics of its change. The paper contributes to the literature on the cyber risk, cybersecurity and cyber risk management.
Cyber Risk and Cybersecurity: a Systematic Review of Data Availability
Cybercrime is estimated to have cost the global economy just under USD 1 trillion in 2020, indicating an increase of more than 50% since 2018. With the average cyber insurance claim rising from USD 145,000 in 2019 to USD 359,000 in 2020, there is a growing necessity for better cyber information sources, standardised databases, mandatory reporting and public awareness. This research analyses the extant academic and industry literature on cybersecurity and cyber risk management with a particular focus on data availability.
Cyberpsychology: Navigating the Intersection of Technology and Human Behaviour for Risk Professionals
Cyberpsychology examines the psychological processes influencing human behaviour in digital environments, offering valuable insights for risk professionals. It addresses cognitive biases, social engineering, cybercrime, burnout, technostress, and emerging technologies like AI and VR. By integrating these principles, organisations can anticipate threats, enhance cybersecurity strategies, and foster resilience in the digital age.
The Risk of Misinformation and Disinformation in Decision-Making: A Risk Professional’s Perspective
Misinformation and disinformation pose serious risks to decision-making by distorting facts, undermining trust, and influencing strategic and operational outcomes. Risk professionals must identify, assess, and mitigate these threats through governance, verification protocols, digital literacy, and scenario planning, ensuring decisions remain credible, ethical, and resilient in an era of information disorder.
Zero Trust Frameworks: A Strategic Imperative for Managing Evolving Cyber Threats
Zero Trust is a modern cybersecurity framework that eliminates implicit trust, requiring continuous verification for every user and device. For risk professionals, it reduces attack surfaces, limits breach impacts, and enhances compliance, making it essential for managing evolving cyber risks in decentralised, cloud-driven, and hybrid work environments.