In many respects, the identification of cyber risks is a relatively straightforward task. Almost all Internet risks spring from one or more of three sources:
• variable reliability and application of technology;
• uncertainty surrounding legal and regulatory compliance issues;
• problematic behaviour of personnel in employing and operating Internet technologies.
These types of concern tend not to arise so critically in traditional business and professional environments where procedures are well established, codes and protocols govern business and professional conduct, and models and channels for providing goods and services are conventional.
Internet technologies are disruptive. They introduce new models ...