The modern knowledge economy is increasingly reliant on information technology, communication systems, and infrastructure service continuity. Exploring the emerging risk of disruption and catastrophic failure of these critical systems is a key theme of research at the Centre. Understanding cyber risk and the potential for massive failure of interconnected infrastructure systems requires a detailed technical appraisal of complex engineering interactions, a domain-specific assessment of the threat, and a risk analysis framework.
The Centre continues to monitor emerging risks and changes in the risk landscape. The Centre has a growing network of subject matter specialists on different threat types. Keeping abreast of the latest events, science, and interpreting the implications of changes for risk management is an important part of the research agenda. As new threats arise, these are examined through a standardised process of risk assessment.
Understanding systemic risks
In light of their importance during the 2008 financial crisis, many business, financial institutions, and investors are striving to improve their understanding of systemic risks. The Centre for Risk Studies’ research programme contributes to the understanding of systemic risks, through mapping networks of interconnectivity, trade, and counterparties, and tracing the contagion and propagation mechanisms to amplify shocks through the system.
Cyber risk research
The Cambridge Centre for Risk Studies has been playing a leading role in research into cyber catastrophe risk since its earliest publications in 2013. The Centre’s approach includes developing an understanding of the cyber threat landscape resulting from different technological attack vectors, actors and motivations, and conceptualising potential scenarios of loss. The framework provides a method of assessing the economic and social impact of future cyber attacks. It also captures risk correlation structures and the potential for systemic cyber catastrophes to impact society, insurance companies, and national governments. This covers various mechanisms of cyber loss to the corporate ‘cyber’ economy.
Cyber insurance accumulation risk
The Centre has played a significant role in helping develop the growing market for cyber insurance through creating data standards for monitoring cyber insurance exposure and developing accumulation scenarios for systemic cyber insurance losses in both affirmative (IT) and silent (OT) exposure.
Interdependencies in critical national infrastructure
A major area of societal concern is the potential for failures of critical national infrastructure, which lead to systemic impact. The Centre has analysed a number of scenarios of failure of critical national infrastructure, including cyber attacks, solar storms, and interdependencies and cascading failures such as interruptions to water, telecommunications and transportation services following a power loss.
The interaction and vulnerability of national infrastructure is an important theme for research. It involves understanding how power, communications, energy networks, transport and other systems rely on each other and their critical vulnerabilities to disruptive threats. Interdependencies between failure modes of infrastructure, whether digital or physical, continue to be an area of focus for the Centre.