157 results for "riskmanagement"

Enterprise Risk Management: Improving Embedded Risk Management and Risk Governance

All strategic and operational decisions should consider risk-adjusted earnings value, as all management inherently involves risk management. Effective risk management requires skilled personnel and a robust system to analyze, monitor, and manage risks, focusing on seven key areas: decision-oriented risk management, value-oriented corporate management, risk quantification (including economic, geopolitical, and sustainability risks), and risk aggregation using Monte Carlo simulations. A strong corporate strategy ensures financial sustainability and manageable earnings risks, while embedded risk management enables employees to address risks. These areas, underexplored in literature, warrant further attention, particularly risk aggregation through simulation methods.

The Cyber Due Diligence Object Model (CDDOM): Bridging Compliance, Risk, and Trust in the Digital Ecosystem

The Cyber Due Diligence Object Model (CDDOM) is a structured, extensible framework designed for SMEs to manage cybersecurity due diligence in digital supply chains. Aligned with regulations like NIS2, DORA, CRA, and GDPR, CDDOM enables continuous, automated, and traceable due diligence. It integrates descriptive schemas, role-specific messaging, and decision support to facilitate supplier onboarding, risk reassessment, and regulatory compliance. Validated in real-world scenarios, CDDOM supports automation, transparency, and interoperability, translating compliance and trust signals into machine-readable formats. It fosters resilient, decision-oriented cyber governance, addressing modern cybersecurity challenges outlined in recent research.

A stochastic Gordon‑Loeb model for optimal cybersecurity investment under clustered attacks

This study extends the Gordon–Loeb model for cybersecurity investment by incorporating a Hawkes process to model temporally clustered cyberattacks, reflecting real-world attack bursts. Formulated as a stochastic optimal control problem, it maximizes net benefits through adaptive investment policies that respond to attack arrivals. Numerical results show these dynamic strategies outperform static and Poisson-based models, which overlook clustering, especially in high-risk scenarios. The framework aids risk managers in tailoring responsive cybersecurity strategies. Future work includes empirical calibration, risk-averse loss modeling, cyber-insurance integration, and multivariate Hawkes processes for diverse attack types.

How do Cyberattacks Impact Firms?

Cyberattacks primarily impact firm value through increased costs rather than sales declines, indicating financial burdens over reputational damage. Costs persist beyond the short term, and firms invest in recovery efforts. Over time, reputational concerns have diminished as cyber resilience improves. These findings emphasize the need for strong corporate risk management, focusing on cost recovery, recovery planning, and trust restoration strategies tailored to specific contexts.

Drafting of IT Outsourcing Risk Management Policy Proposal with IT Outsourcing Risk Management Framework and COBIT

A structured IT outsourcing risk management policy is crucial for navigating third-party service complexities. This study proposes a framework integrating IT outsourcing principles with COBIT standards, covering risk identification, analysis, mitigation, and ongoing monitoring. Implementing this policy enhances organizational asset protection and operational continuity, and minimizes outsourcing risks. It improves information security and business process efficiency. This framework provides practical guidance for organizations to effectively manage risks and optimize IT outsourcing value.

Mathematical Explanation and Derivation of the Aggregate Cost of Risk in the Banking Industry

The banking industry faces complex financial risks, including credit, market, and operational risks, requiring a clear understanding of the aggregate cost of risk. Advanced AI models complicate transparency, increasing the need for explainable AI (XAI). Understanding risk mathematics enhances predictability, financial management, and regulatory compliance in an evolving landscape.

Cybersecurity and Macroeconomy With Neoclassical Growth Model

This study integrates cybersecurity risks into a neoclassical growth model, revealing that proactive investments enhance long-term stability, while industry-specific vulnerabilities (capital-intensive resilience vs. labor-intensive disruptions) and systemic risks affect macroeconomic resilience. Optimal resource allocation, adaptive risk strategies via Bayesian updating, and prioritizing cybersecurity in long-term planning balance security with growth.

Constructing elicitable risk measures

This work presents a framework for constructing elicitable risk measures with properties like monotonicity, translation invariance, and convexity using multiplicative scoring functions. It defines necessary conditions for these properties and provides a method for developing new elicitable functionals, with applications in finance, statistics, and machine learning.

Correlation: the most common mistakes made in Risk Management practice

This paper examines the Solvency II correlation matrix used in Solvency Capital Requirement (SCR) calculations. It warns against misinterpreting null correlations as independence and highlights the matrix's limitations without a well-defined probabilistic model. It also critiques the flawed practice of arbitrarily increasing correlations to inflate capital requirements conservatively.

The European significant risk transfer securitisation market

Significant risk transfer (SRT) securitization is increasingly used by major EU banks for risk and capital management. It provides flexible, reasonably priced capital, improving balance sheets and capital ratios. Supervisors assess risk transfer for capital relief. The SRT market has grown substantially and is a key tool for European banks.