Cyber risk management - Risk identification, detection, analysis, treatment and transfer
Article REF: SE2505 V2

Cyber risk management - Risk identification, detection, analysis, treatment and transfer

Authors : Nicolas DUFOUR, Matthieu BARRIER

Publication date: September 10, 2022 | Lire en français

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

Overview

Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.

Read the article

AUTHORS

  • Nicolas DUFOUR: Doctorate in Management Sciences, - Associate University Professor, CNAM LIRSA, - Insurance risk manager, ANTONY France

  • Matthieu BARRIER: Cyber security expert, MB CONSEIL, Paris France

 INTRODUCTION

H ow are cyber-risks saturating the news?

The notion of cyber risk can be defined as the set of threats that exploit computer and Internet space to take advantage of organizations' vulnerabilities to break into their systems and thus recover their financial or intangible assets (sensitive and personal data, for example). Cyber risk often has high-profile consequences for the companies affected, in terms of financial, reputational and regulatory impact, and even business interruption. Numerous corporate cases illustrate this (Yahoo, Uber, Sony PlayStation Network, EasyJet, British Airways, MMA). No company, and no sector, can consider itself immune to these risks, which are often regarded as external and sudden. The purpose of this article is to look at the players involved in this area, the impact of these risks, and the associated risk management measures.

Cyber-risk can be defined as all the risks associated with threats of external intrusion or internal vulnerabilities and malicious acts using Internet data transmission channels and associated peripherals and technologies (shared data storage space, company messaging systems, Wi-Fi spotlights). The aim of these intrusions is most often to steal information, critical data for business continuity, but also sensitive data for customers and employees (banking data, personal data, health data), enabling the extortion of sums of money.

Since the early 2010s, every company has been at risk of a cyber-attack, but when it happens, how do you react? Answering this question requires a clear understanding of the reputational, business continuity, financial and operating loss issues associated with this risk. In order to address this risk, this article will successively detail the identification of cyberthreats, the detection and analysis of this risk, and then look at the players involved and the different types of means of control.

Articles [SE 2 500] and [SE 2 501] address the need for a comprehensive approach to IT security, including a summary of IT risk or exposure to the risk of computer viruses, and a summary of analysis methods

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?

Ongoing reading
Cyber risk management

Article included in this offer

"Safety and risk management"

( 460 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details
Contact us
Contact our team FAQ