Following the operational risk frameworks in Basel II and Solvency II, we categorise cyber risk into four classes: (1) actions of people (eg inadvertent loss of data by employee), (2) systems and ...