Rustam Jamilov, Hélène Rey, Ahmed Tahoun, 05 July 2021

Cyber risk poses serious threats for businesses around the world. This column develops a new text-based measure of cyber risk exposure by leveraging computational linguistics and quarterly earnings transcripts for 12,000+ firms from 85 countries over the past 20+ years. Cyber threats have tripled since 2013 and affected a lot more countries and industries. Cyber risks are priced into the stock market and are contagious. The authors conclude that cyber risk is a source of systemic risk for firms and markets.

Neil Gandal, Michael Riordan, Shalom Bublil, 04 June 2020

As digitalisation grows, cyber risks pose serious threats to businesses and consumers alike. However, the precautions taken to deal with these threats are often insufficient. This column examines the relationship between cyber vulnerabilities, (attempted) attacks, and precautions using firm-level data from the UK. More than 80% of the sampled firms have at least one vulnerability, and these firms were more than twice as likely to experience an incident compared to firms without vulnerabilities. Reducing vulnerabilities is key to dealing with cyberattacks and reducing cyber risks in the future.

Jon Danielsson, Morgane Fouché, Robert Macrae, 10 June 2016

The threat to the financial system posed by cyber risk is often claimed to be systemic. This column argues against this, pointing out that almost all cyber risk is microprudential. For a cyber attack to lead to a systemic crisis, it would need to be timed impeccably to coincide with other non-cyber events that undermine confidence in the financial system and the authorities. The only actors with enough resources to affect such an event are large sovereign states, and they could likely create the required uncertainty through simpler, financial means. 

Events

CEPR Policy Research