Spotlight: Quantifying Cyber Risk in Financial Institutions

To manage cyber risk effectively, financial institutions (FIs) must be able to measure it. This report considers why quantifying cyber risk is increasingly important to FIs as cyber attacks become more frequent and complex, and outlines Chartis’s new and unique approach to cyber risk quantification.

The report also provides a detailed illustration of the method in action. The results from that test, run on a hypothetical bank with $250bn in notional assets divided between four divisions – retail banking, investment banking, transactional banking and retail brokerage – were telling. Even assuming reasonably effective mitigation of threats, our model calculated a total Value at Risk (VaR) of $234m for the bank. The VaR numbers for the retail brokerage ($48m), the investment banking division ($45m), and the transactional banking division ($12m) were each dwarfed by the VaR for the retail banking division, at $129m. This highlights how exposure to risk can vary significantly according to the network structure in place in a particular division.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact [email protected] to find out more.

To download this content and continue reading...

You need to sign in to use this feature. If you don’t have a Chartis account, please register for an account.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: