This paper examines cyber security issue in banks during Covid 19 pandemic. The objective of the work is to propose a model for the management and control of cyberisk, based on the identification of the most complete methods of evaluation, in qualitative and quantitative terms, and thus able to better describe the possible impacts of its manifestation on the bank's business. The document provides some answers to the issues of covid-19 impact on bank's cyber security and the possibility to define a cyberisk governance structure able to support the challenges and the new policies to include in the Risk appetite framework, for more incisive mitigation of cyberisk during the pandemic. This study applies a case study approach. It is based on quantitative data and qualitative information obtained through semistructured interviews and questionnaires addressed to the chief risk officer and its officers for operational and IT risk. The research contributes to the literature by proposing a framework for the management and control of cyber risk based on a mapping of IT assets and operational risk and their relationships.

Cyber Security in the Age of Covid 19 Pandemic: An Empirical Model to Manage the Risk in Banks

Giuseppina Iacoviello;Elena Bruno;Iacopo Cavallini
2021-01-01

Abstract

This paper examines cyber security issue in banks during Covid 19 pandemic. The objective of the work is to propose a model for the management and control of cyberisk, based on the identification of the most complete methods of evaluation, in qualitative and quantitative terms, and thus able to better describe the possible impacts of its manifestation on the bank's business. The document provides some answers to the issues of covid-19 impact on bank's cyber security and the possibility to define a cyberisk governance structure able to support the challenges and the new policies to include in the Risk appetite framework, for more incisive mitigation of cyberisk during the pandemic. This study applies a case study approach. It is based on quantitative data and qualitative information obtained through semistructured interviews and questionnaires addressed to the chief risk officer and its officers for operational and IT risk. The research contributes to the literature by proposing a framework for the management and control of cyber risk based on a mapping of IT assets and operational risk and their relationships.
2021
978-1-950492-55-8
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/1103292
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact