Research

We emphasize and encourage links between academic researchers and practitioners at financial institutions to bring theoretical techniques to bear on real-world issues.

Cyber Security and Fraud

Current cyber security practices and insights on the latest methods are critical elements that need to be identified, studied and understood. Fraud, money laundering, tax evasion, terrorist financing and fraudulent insurance claims are just some of the criminal actions of which the financial sector must remain vigilant.

GRI exposes our members to industry experts and supplies the knowledge required to mitigate threats, identify consumer trends and capitalize on new opportunities in technology. We collaborate with authorities in the cyber security world to share their expertise with members and leverage their experience to help develop industry responses, improve loss rates and increase operational efficiency.


Quantum Threat Timeline

The ‘quantum race’ is on and the race course and timeline are partially unknown. The creation of a scalable, fault-tolerant quantum computer that poses a significant risk to cyber security may be closer than we think. Although quantum attacks are not here yet, critical decisions need to be made today in order to respond to these threats in the future.

Distribution Analysis for Information Risk – A Cyber Quantification Framework

The Distribution Analysis for Information Risk (DAIR) is a cyber quantification methodology that maps cyber events with a hierarchical risk taxonomy to evaluate operational, business & systemic risk economic capital. DAIR will help organizations quantify cyber risk in a consistent and meaningful way, giving consideration to asset vulnerabilities as well as business and systemic considerations.

Quantum Risk Assessment Report – Part 3

This publication provides an extension of our work on estimating the real-world effort it will take for a quantum computer to compromise symmetric cryptographic functions at the foundation of protecting our ICT infrastructure.

Managing the Risk of Web Security

Managing the Risk of Web Security Author: Henry Harrison, Co-founder & CTO of Garrison Technology The author is an independent contributor to the Global Risk Institute and is solely responsible for the content of the article.

The Risk to Client’s Financial Data

It has been said that data is the new oil, and if that is the case, your clients could be sitting on a significant unclaimed reservoir. Helping clients claim their rightful ownership of data assets could enable them to both harvest value and enhance their cyber security.

Systemic Cyber Preparedness

Cyber intrusion and cyber resilience are topics receiving tremendous attention, discussion and action currently and for good reason. Financial firms fend off millions of cyber threats daily. This paper frames the learnings from the most recent efforts to combat global, systemic risk – the 2008 Global Financial Crisis.

National Approach to Cyber Intrusion

This paper explores the national level cyber security infrastructure within Canada and the United Kingdom as it relate to financial services. While national priorities, timing, and approach will always vary to some extent, we believe it to be a fair comparison given both countries are described as the third and fourth largest cybersecurity innovation hubs in the world.

Post-Quantum Key Exchange for the Internet and the Open Quantum Safe Project

Designing public key cryptosystems that resist attacks by quantum computers is an important area of current cryptographic research and standardization. To retain con dentiality of today’s communications against future quantum computers, applications and protocols must begin exploring the use of quantum-resistant key exchange and encryption.

A Resource Estimation Framework for Quantum Attacks Against Cryptographic Functions – Part 2 (RSA and ECC)

This report, “A Resource Estimation Framework for Quantum Attacks Against Cryptographic Functions” provides our next update on our ongoing work related to estimating the real-world effort it will take for a quantum computer to compromise specific cryptographic functions at the foundation of protecting our ICT infrastructure.

Cyber Risk & Security

On April 11th, Duo Security and the Global Risk Institute (GRI) co-hosted an executive breakfast in Toronto to provide an update on current security trends and key information that leaders need to know.

A Methodology for Quantum Risk Assessment

Quantum computing is a growing technology that is rapidly changing how electronic communications and digital transactions will take place in the near future. In this article, we look at how organizations can investigate and mitigate the risks associated with the changes that will be brought about by this emerging technology.

Quantum Computing and Cyber-security

Emerging quantum computing technologies threaten to undermine even the most sophisticated cybersecurity systems installed by businesses and governments

Cyber Risk and Security in Canada

Canada can become a haven against cyber attacks if we invest in and further coordinate efforts

Cyber Resilience

Cyber Resilience According to PricewaterhouseCoopers (2016), 61% of Canadian CEOs believe that cyber security is the biggest potential business threat to their organization’s growth prospects. A recent study by Scalar (2017) shows the negative impact of cyber attacks on productivity: in 2016, 53% of Canadian companies reported an incident that resulted in the loss of… View Article

Quantum Threat and Mitigation

Research on quantum threat timeline re. encryption schemes used by financial institutions. (timeline and mitigation techniques)