Category Archives: Cybersecurity

20/9/19: New paper: Systematic risk contagion from cyber events


Our new paper, "What the hack: Systematic risk contagion from cyber events" is now available at International Review of Financial Analysis in pre-print version here: https://www.sciencedirect.com/science/article/pii/S1057521919300274.

Highlights include:

  • We examine the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations.
  • The volatility generated due to cybercrime events is shown to be dependent on the number of clients exposed.
  • Significantly large volatility effects are presented for companies who find themselves exposed to hacking events.
  • Corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns.
  • Companies with lower levels of market capitalisation are found to be most susceptible to share price reductions.
  • Minor data breaches appear to be relatively unpunished by the stock market.

25/4/18: Dombret on the Future of Europe


An interesting speech by y Dr Andreas Dombret, Member of the Executive Board of the Deutsche Bundesbank, on the future of Europe, with direct referencing to the issues of systemic financial risks (although some of these should qualify as uncertainties) and resilience of the regulatory/governance systems (I wish he focused more on these, however).

25/3/18: Quantum computing and cyber security: a perfectly VUCA mix?

One interesting topic worth discussing in the context of VUCA and systemic resilience is quantum computing. The promise of quantum computing offers a prospect of altering completely the existent encryption methods effectiveness. 

Here is one view:  https://www.sciencedirect.com/science/article/pii/S1361372317300519 suggesting that quantum computing is not a threat to current cryptographic systems, although the core argument here is that it is not a threat in its current state.



There is a lot of technical stuff involved, but an interesting topic from geopolitical risks perspective for sure, and involves long term strategic positioning by the usual adversaries, the U.S. and China. 



7/9/17: What the Hack: Systematic Risk Contagion from Cyber Events


We just posted three new research papers on SSRN covering a range of research topics.

The second paper is "What the Hack: Systematic Risk Contagion from Cyber Events", available here: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3033950.

Abstract:

This paper examines the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations. The volatility influence of these cybercrime events is shown to be dependent on the number of clients exposed across all sectors and the type of the cyber security breach event, with significantly large volatility effects presented for companies who find themselves exposed to cybercrime in the form of hacking. Evidence is presented to suggest that corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns. Companies with lower levels of market capitalisation are found to be most susceptible. In an environment where corporate data protection should be paramount, minor breaches appear to be relatively unpunished by the stock market. We also show that there is a growing importance in the contagion channel from cyber security breaches to markets volatility. Overall, our results support the proposition that acting in a controlled capacity from within a ring-fenced incentives system, hackers may in fact provide the appropriate mechanism for discovery and deterrence of weak corporate cyber security practices. This mechanism can help alleviate the systemic weaknesses in the existent mechanisms for cyber security oversight and enforcement.



15/4/17: Swift & Digital Money: Cybersecurity Questions


Swift, the interbank clearance system, has been the Constantinople of the financial world's fortresses for some time now. Last year, writing in the International Banker (see link here), I referenced one cybersecurity incident that involved Swift-linked banks, and came close to Swift itself, although it did not breach Swift own systems. The response from Swift was prompt, pointing out that there has never been a cybersecurity breach at Swift.

Well, it appears that the fortress is no more. Latest reports suggest that NSA (a state actor in cybersecurity world) has successfully breached Swift firewalls. Details are here:
http://www.reuters.com/article/us-usa-cyber-swift-idUSKBN17H0NX.

From financial services and economy perspective, this is huge. Take a macro view: for years we have been told that cash and physical gold and silver are not safe. And for years this argument has been juxtaposed by the alleged 'safety' of digital money (not the Bitcoin and other cryptos, which the Governments loath and are keen on declaring 'unsafe', but state-run Central-Banks-operated digital money). The very notion of e-finance or digital finance rests on the basic tenet of infallibility of Swift. That infallibility is now gone. Welcome to the brave new world where the Governments promise you safe digital money in exchange for privacy and liquidity, while delivering a holes-ridden dingy of a system that can and will be fully compromised by the various states' actors and private hackers.

Come here, doggie, doggie! Have a treat...