Accessing information on the Internet was once likened to searching for information in a library, where the pages of all the books had been ripped out and strewn on the floor. Everyone knows that there is a colossal amount of online information about cyber security issues. How can this seemingly boundless ocean of information be processed for the practical benefit of cyber risk professionals?
This is a daunting multi-disciplinary challenge because cyber risk management spans the broad domains of information technology, risk regulation, law and criminology, security economics, insurance, as well as risk analysis.
This challenge can’t be met by one person – but it can with three. Early in 2017, Andrew Coburn conceived of the idea of a book on cyber risk, with Éireann Leverett and myself as the two other co-authors. Eireann is an ethical hacker, with specialist capabilities and technical insight into the shadowy world of cyber attack and defense. I knew he had special expertise when he showed he could hack my (Samsung) phone in five minutes.
After a brainstorming session in the RMS London office, Andrew came up with the title, Solving Cyber Risk, and after a year and a half of gestation, this book has just been published by Wiley.
Mark Twain said that he didn’t have time to write a short letter, so he wrote a long one instead. It requires considerable time and effort to condense millions of pages of cyber risk information into 350 pages of a book. The end result is a convenient practical resource for all who wish to do more than just find information about cyber risk; but need to deepen their knowledge and understanding of this risk, and to enhance their wisdom in making decisions about cyber risk.
This is the first book on cyber risk written by authors with extensive experience and expertise in modeling catastrophe insurance risk of all kinds. A multi-peril perspective is indispensable for gauging the relative importance of different risks. Cyber risk is of course a man-made peril, and has a number of common features with terrorism, which has been modeled by RMS since 9/11. The overlap area of cyber terrorism is just one of the important topics addressed in this book. As with terrorism security, the most effective cyber security investments are not what people think they are.
What are they? Answers to this and many other intriguing questions about cyber risk are to be found within the book. Enjoy and learn!
Click here to download an excerpt from Solving Cyber Risk.
Order the book now on Amazon.