When someone improperly accesses or discloses an individual's personal information, the subject of that data breach is often at an increased risk of identity theft. One way for an affected data subject to guard against this risk is to subscribe to a credit-monitoring service. Recently, potential...

Tort law is the best vehicle for allocating the risks and spreading the costs of database intrusion. It can incentivize database possessors ("possessors") and data subjects to minimize the harm associated with breaches of database security while also balancing each party's interests. Life is...

In today's technologically dependent world, concerns about cybersecurity, data breaches, and compromised personal information infiltrate the news almost daily. The Securities and Exchange Commission (“SEC”) has recently emerged as a regulator that is keenly focused on cybersecurity,...

This presentation advances upon recent world leading Cybersecurity-CyberFinance Computational Risk Analytics Research selected for 30 SSRN Top-10 Research Ranking Awards and invited for presentation at the 2015 Princeton Quantitative Trading Conference. The primary focus of the presentation is...

Cyber risk, a type of operational risk, is today considered a key component in the enterprise risk management framework. Under BASEL regulations, a bank could recognize the risk mitigating impact of the Cyber Liability Insurance (CLI) contract while calculating the minimum operational risk...

Against a backdrop of annual data breaches compromising approximately one billion global records and an average data breach cost of nearly six billion dollars, the absence of clear US federal strategy for data breach notification and security requirements threatens both consumer privacy and...

To avert the impending global Cyber-Finance Insurance Crisis based upon large-scale commercial reliance upon quantitative models with inherent model risks, tail risks, and systemic risks in current form, this post-doctoral thesis makes the following key contributions: Develops the first known...

Cyber actors are operating under a shared services model giving them access to infrastructure, tools, targets and the ability to monetize their exploits. As a result, organizations across industries must enhance communication channels to share threat information in order to preempt cyber fraud...

This report presents a new Cyber Threat Taxonomy, Cyber Attack Taxonomy and Knowledge-based Cyber Resilience Framework. The research shows that despite high-profile cases in the media and the push from government agencies and industry groups, the importance of understanding cyber threats and the...

Protecting financial networks not only requires financial institutions to improve the security of their own systems, but to change the security balance of the entire internet environment. Cyber threats to financial institutions increasingly come from insecure low-cost mobile and IoT devices...