Assessment of cyber risk in the banking industry
| Název práce v češtině: | Ohodnocení kybernetického rizika v bankovním odvětví |
|---|---|
| Název v anglickém jazyce: | Assessment of cyber risk in the banking industry |
| Klíčová slova: | operační riziko, kybernetické riziko, kybernetická bezpečnost, únik dat, banka |
| Klíčová slova anglicky: | operational risk, cyber risk, cybersecurity, data breach, bank |
| Akademický rok vypsání: | 2014/2015 |
| Typ práce: | bakalářská práce |
| Jazyk práce: | angličtina |
| Ústav: | Institut ekonomických studií (23-IES) |
| Vedoucí / školitel: | prof. PhDr. Petr Teplý, Ph.D. |
| Řešitel: | skrytý - zadáno vedoucím/školitelem |
| Datum přihlášení: | 21.05.2015 |
| Datum zadání: | 28.05.2015 |
| Datum a čas obhajoby: | 13.06.2017 08:00 |
| Místo konání obhajoby: | IES |
| Datum odevzdání elektronické podoby: | 19.05.2017 |
| Datum proběhlé obhajoby: | 13.06.2017 |
| Oponenti: | Ing. Aleš Maršál, Ph.D. |
| Kontrola URKUND: | |
| Zásady pro vypracování |
| Topic characteristics
As banks perform more of their operations on cloud computing systems and the degree of computer involvement in the banking processes rises in general, the cyber-attacks become an increasingly relevant component of the operational risk. The cyber-attack can have a substantial effect on the assets of the banks and therefore they need additional capital as a protection against this kind of threat. Furthermore, the leakage of private information about clients may cause mistrust towards the banking industry. Therefore governments in many countries including the Czech Republic prepared legislation constraining the amount of risk which financial institutions can take. Nevertheless, this regulation might not be sufficient and the financial institutions do not invest enough into the protection against cybercrime. |
| Seznam odborné literatury |
| Chernobai, A.S., Svetlozar T. Rachev, F. J. F. (2007). Operational Risk: A Guide to Basel II Capital Requirements, Models, and Analysis. John Wiley & Sons, Inc.
Basel Committee on Banking Supervision (2004, June). Basel II: International Convergence of Capital Measurement and Capital Standards: a Revised Framework. Bank for International Settlements. Bector, R. and D. X. Martin (2014). Combating cyber risk: How to attack a growing threat. Oliver Wyman Risk Journal 4, 20–24. Embrechts, P., H. Furrer, and R. Kaufmann (2003). Quantifying regulatory capital for operational risk. Derivatives Use, Trading & Regulation 9 (3), 217–233. Gai, P. and S. Kapadia (2010, March). Contagion in financial networks. Bank of England Working Paper No. 383 . Rippel, M. and P. Teplý (2011). Operational risk - scenario analysis. Prague Economic Papers 2011 (1), 23–39. Upper, C. (2011, August). Simulation methods to assess the danger of contagion in interbank markets. Journal of Financial Stability 7 (3), 111–125. Zákon č. 181/2014 sb. ze dne 23. července 2014 o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti). Sbírka zákonů 181/2014 (částka 75), 1926–1936. |
| Předběžná náplň práce |
| The aim of this thesis is to analyse the risks facing financial institutions in the environment with high utilisation of the information technology. In the first part, we explain the main threats, provide historical examples
and examine the governmental policies on this topic in the world and especially in the Czech Republic. In the second part, we provide an overview of the methods for operational risk assessment defined in the Basel II regulations. After developing a model for quantifying operational risk using the scenario analysis, we use it to evaluate how severe damage can be caused by a cyber-attack. The main purpose of this investigation is to show the consequences on capital requirements of the banks. Moreover, we use a network model to estimate the possibility of contagion in the interbank market. Outline 1. Introduction 2. Theoretical background 3. The models 3.1. Scenario analysis 3.2. Network model 4. Empirical analysis and discussion of results 5. Conclusion |