Cyber risk modeling: Advancements offer new insights
One company is making headways in helping insurers and brokers understand rapidly evolving cyber threats.
The rapid adoption of digital operations at the onset of COVID-19 stay-at-home orders resulted in explosive cybercriminal activity as businesses’ cyber exposures increased radically.
One analysis from Guidewire reported a 40% increase in ransomware attacks in the first three quarters of 2020 compared to the same period a year prior. Guidewire also found a 350% spike in phishing schemes.
One risk management lesson learned through this pandemic has been that the industry continues to face the very real potential for systemic risks and losses arising from a cyberattack. It follows that the need for risk models and other risk analysis tools has reached a critical level.
Data drives risk modeling
In late January, RMS announced new updates to RMS Cyber Solutions Version 5.0 to reflect the cyber risk landscape’s latest view. The updates incorporated the latest data to offer fresh insights to cyber underwriters and portfolio managers, who can “slice and dice” data to understand the various risk drivers that could affect their portfolios.
This new development is a much-needed advancement in cyber risk modeling, which has historically been challenged by rapidly evolving threats and poorly packaged data.
“In cyber, we have a threat landscape that is changing; the people who are doing harm are changing; the techniques they use are changing, and the landscape over which they are doing it is changing,” Matt Harrison, director, product management, cyber at RMS, told PropertyCasualty360.com. “If you think back a year and a half ago, most of us probably haven’t heard of Zoom, and yet we live our lives by it now.”
These inherent challenges, paired with the limited years of data, create a difficult market to model risk. However, Harrison emphasizes that just because cyber risk does not have decades of data behind it like other perils, such as hurricanes or wildfires, does not mean that the data is nonexistent.
“It’s important to recognize that there is a lot of data; the problem is that most of that data was never designed for the insurance market,” he said. “The number-one myth to dispel is that there are really robust data and robust science that goes into building models. But you have to work hard to turn the data into something that people can use.”
Cyber coverage today is priced based on prior claims experience; however, RMS has invested heavily in data to create a more well-rounded picture of cyber risk — one that brokers and insurers can easily glean from to produce better cyber products. The firm’s Cyber Solutions leverages datasets from the RMS Cyber Incident Database (CID), comprised of 100,000 data breach events, threat intelligence, dark web scanning, vulnerability management, and outside-in/cyber-hygiene scorers
Now, the firm can describe cyber risks right down to the details of how bad a cyber event could be, why it would be that bad, and at what frequency it is likely to happen. This is key for underwriters to understand how to price coverage and brokers to know so they can advise clients about how certain risks drive rate in the marketplace, Harrison noted.
“There’s no point in buying $1 million in cyber coverage if you’re going to have a $10 million loss,” he said.
Related: