1. Selected Items of Interest

NIST Cybersecurity Risk Management Conference: "Actuarial, Statistical and Other Analytical Approaches to Cyber Risk Measurement" presentation by Alex Krutov, November 2018

Comments to the NAIC on the Insurance Data Security model law preliminary working draft, by Alex Krutov, March 23, 2016 (see also the NAIC website)

Response to the RFI by the National Institute of Standards and Technology (NIST) on the Framework for Improving Critical Infrastructure Cybersecurity, by Alex Krutov, February 9, 2016 (also accessible from the NIST page)

"Massive Data Breach of the NAIC Systems" in headlines is not what anybody wants to see (supporting insurance regulator efforts to improve cybersecurity while avoiding unintentionally increasing cyber risk), in Additional Comments on cybersecurity-related revisions to regulatory examinations, by Alex Krutov, September 8, 2015 (also on the NAIC website).  Also, Review and Recommendations: Main elements of the cybersecurity-related revisions to regulatory procedures for insurance company examinations, by Alex Krutov, August 3, 2015 (also on the NAIC website)

On data breaches involving sensitive personal information and the rights of individuals, in Supplementary Comments to the Cybersecurity Task Force of the NAIC, by Alex Krutov, October 9, 2015 (also on the NAIC website).  Also, Comments to the Cybersecurity Task Force of the NAIC on the draft of the Cybersecurity Bill of Rights, by Alex Krutov, August 10, 2015 (also posted on the NAIC website)

Recommended Improvements to the calculation of a separate operational risk charge in Risk-Based Capital in the current NAIC proposal, by Alex Krutov, June 23, 2015 (also posted on the NAIC website)

Comments on the proposed formula for conversion of modeled catastrophe losses from the OEP to AEP basis in Catastrophe Risk Charge in Risk-Based Capital, by Alex Krutov, June 12, 2015 (also on the NAIC website). Also, Observations and Suggestions related to the proposed exemption criteria for the P/C Risk-Based Capital Catastrophe Risk Charge calculations, by Alex Krutov, May 22, 2015 (also on the NAIC website)

Panel A Risk Like No Other on analyzing and combating emerging cyber threats, Alex Krutov, November 10, 2014 (CAS Centennial meeting)

Google Search as a Hacking Tool (watching the MBIA Inc / Cutwater Asset Management apparent data breach)

Response to the Framework for Reducing Cyber Risks to Critical Infrastructure RFI by the National Institute of Standards and Technology (NIST), by Alex Krutov, October 8, 2014 (also accessible from the NIST page)

Presentation Cyber Risk: Understanding Cyber Threats and Their Growing Importance to the Enterprise by Alex Krutov, October 1, 2014 (Enterprise Risk Management Symposium)

Comments to insurance regulators: "Catastrophe Risk Charge in Risk-Based Capital" (indirectly related to cyber risk) by Alex Krutov, September 2014 (also posted on the NAIC website)

2. Selected publications

Article: "Clear and Present Danger: The Pressing Need to Address Cyber Risk Requires its Better Understanding and Adequate Quantification" by Alex Krutov, FW, August 2014

Artcle Q&A: Alex Krutov in "Improving Cyber Security – Advice for Companies," Special Report: Technology in business, FW, August 2014

Book: Investing in Insurance Risk, Insurance-Linked Securities—A Practitioner's Perspective by Alex Krutov (Amazon, Risk Books) – book on insurance risk, its transfer to investors, and the ways to analyze the risk, with an emphasis on modeling extreme (catastrophic) events