Taking into account the main third-party cybersecurity assessments methodologies for ICT products and cloud services as well as the number of assessment bodies, the report presents the current state of play of cybersecurity assessments based on the past 5 years data. This study aims at analysing...

The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to...

To help address a budgetary crisis in early 1995, the Rio de Janeiro state government began reforms aimed at selling or concessioning to the private sector loss-making state-owned enterprises. In the transport sector this meant selling or concessioning subway, commuterrail, bus, and ferry...

Using China's Cybersecurity Law (CSL) as an exogenous shock, I examine how personal data security affects stock crash risk. I find that the stock crash risk of treatment firms (which collect personal data) significantly decreases after the CSL, and such decrease is larger when firms face greater...

Under-reporting in cyber incidents is a well-established problem. Due to reputational risk and the consequent financial impact, a large proportion of incidents are never disclosed to the public, especially if they do not involve a breach of protected data. Generally, the problem of...

The aim of the paper is to explain what is meant by Digital Risk&Governance. For this purpose, it is important to retrace the technological evolution that has affected the last few decades: from branches to Mobile Banking, from the digitalization of transactions to the creation of Fintech, from...

On March 23, 2022, the SEC proposed that firms publicly disclose their cybersecurity incidents within four days of discovery. In the U.S., state-level data breach disclosure laws require firms to disclose the occurrence of a data breach, with some mandating disclosure within a deadline while...

Internet of Things (IoT) enabled networks are highly vulnerable to cyber threats due to insecure wireless communication, resource constraint architecture, different types of IoT devices, and a high volume of sensor data being transported across the network. Therefore, IoT-compatible...

Cyber security importance has escalated globally, driven by its pivotal role in shaping daily life, encompassing both personal and non-personal aspects. Cyber security breach probability functions play a crucial role in comprehending how cyber security investments affect vulnerability to cyber...