New cyber framework targets accumulation riskFebruary 12 2016 by InsuranceAsia News Staff
The Cambridge Centre for Risk Studies and Risk Management Solutions have published a framework for modelling strategies to help measure and constrain cyber risk.
Market surveys suggest that demand for cyber insurance significantly exceeds the capacity currently provided by the insurance industry. A big part of the problem is that underwriters are wary of accumulating cyber risks.
Managing cyber accumulation in a portfolio of insured policies requires a specific data structure to record the attributes of exposure that could potentially correlate.
“We know we can write earthquake exposures in both Japan and California with the confidence that the same event will not impact all these exposures at once,” said Hemant Shah, co-founder and chief executive of RMS. “We know to be wary of writing two industrial risks along the same river basin, and the role flood defences play in mitigating loss. With cyber risks, the contours of systemic accumulation are not as clear.”
The new Cyber Insurance Exposure Data Schema, developed in cooperation with the insurance industry, aims to address this challenge.
Currently, coverage provided by insurance products on the market varies widely. Each company has its own set of data attributes that it monitors and uses to manage its cyber risk. In some cases, these attributes are confidential and viewed as a competitive advantage.
The schema provides a specification for structured information records in a database, to capture cyber insurance exposure in a way that can be standardised across insurance industry participants.
Cyber crime is estimated to cost the global economy as much as $445 billion a year, though identifying the costs and incidence of financial transaction crime from cyber are particularly difficult as there is no regulatory requirement for a financial services company to publicly declare a theft from its system, unlike the regulatory requirements for data loss.
“As businesses and stakeholders throughout society increasingly make mitigating cyber threats a top priority, the industry needs to adapt to remain relevant,” said Shah. “An engaged and vital cyber insurance market will not only be good for the industry but will also ensure a more resilient economy.”
- October 30
The costs of a virus attack on 15 ports could cost a staggering US$110 billion.
- October 30
The firm is targeting insurers across Asia to cover first party losses.
- October 25
Cyber risk may be less silent these days, but that does not mean it is less dangerous.
- October 18
Only 48% of SMEs across four countries in the region are improving cyber risk management.