"Using the lab, in numerical case studies, we identify two classes of measures to control systemic cyber risks: security- and topology-based interventions. We discuss the implications of our findings on selected real-world cybersecurity measures currently applied in the insurance and regulation practice or under discussion for future cyber risk control. To this end, we provide a brief overview of the current cybersecurity regulation and emphasize the role of insurance companies as private regulators."
"Our paper contributes to the theory of conditional risk measures and conditional certainty equivalents. We adopt a random modular approach which proved to be effective in the study of modular convex analysis and conditional risk measures."
"Despite its relevance, forward-looking information is still a confusing topic, in terms of contents and applications, especially in the context of ESG, where there is a need for greater clarity and standardization of the definitions of the ESG indicators."
"... I consider the effectiveness of the Compliance role within the organisational structure and how far the demarcation of the function and its assigned duties are achieving an enterprise-wide culture of good governance and compliance. I posit that, although the delineation of clear responsibilities is important, the benefits of ostensible independence brought about by the departmentalisation of compliance may not be the definite answer to the complex, if not esoteric, challenges faced by organisations in matters of compliance."
"This paper extends the traditional multi-state models to include epidemic effects."
"... we propose a reverse stress testing framework for dynamic models. Specifically, we consider a compound Poisson process over a finite time horizon and stresses composed of expected values of functions applied to the process at the terminal time. We then define the stressed model as the probability measure under which the process satisfies the constraints and which minimizes the KullbackLeibler divergence to the reference compound Poisson model."
"We believe our paper adds to the important body of cybersecurity literature that explores the roles of government and business, particularly corporate directors, in the governance of data security."
"When developing large-sample statistical inference for quantiles, also known as Values-at-Risk in finance and insurance, the usual approach is to convert the task into sums of random variables. The conversion procedure requires that the underlying cumulative distribution function (cdf) would have a probability density function (pdf), plus some minor additional assumptions on the pdf. In view of this, and in conjunction with the classical continuous-mapping theorem, researchers also tend to impose the same pdf-based assumptions when investigating (functionals of) integrals of the quantiles, which are natural ingredients of many risk measures in finance and insurance. Interestingly, the pdf-based assumptions are not needed when working with integrals of quantiles, and in this paper we explain and illustrate this remarkable phenomenon."
"The unacceptable risks are those that are deemed to contravene Union values, and they are therefore considered as “prohibited AI practices” by Article 5 AIA. The proposed prohibition covers four categories: 1) AI systems deploying subliminal techniques, 2) AI practices exploiting vulnerabilities, 3) social scoring systems, and 4) “real-time” remote biometric identification systems. "
"... supply chain network features add significant detection power to predicting enterprise cyber risk, relative to merely using enterprise-only attributes. Particularly, compared to a base model that relies only on internal enterprise features... Given that each cyber data breach is a low probability high impact risk event, these improvements in the prediction power have significant value."