AIR Releases Industry’s First Open Source Cyber Scenario
Catastrophe modeling firm AIR Worldwide announced it has released the industry’s first open source deterministic cyber risk scenario. AIR plans to release a series of deterministic cyber scenarios over the next 12 months.
The modeling firm has also expanded its cyber risk consulting practice to help clients augment the cyber exposure information in their existing books of business and to produce custom reports on aggregation risk and the probability of breach, helping companies understand their cyber risk today.
The cyber scenarios, used in conjunction with AIR’s data schema, will serve as examples to help perform deterministic scenario modeling of an insurer’s or reinsurer’s book of business. The first cyber scenario will consist of a major cloud service provider experiencing downtime for several days, resulting in significant business interruption losses for its customers. A scenario such as this has the potential for revealing significant aggregation risk within an insurer’s book. Consulting clients will gain early access to future scenarios.
The cyber scenarios will include detailed descriptions of potential cyber events and be accompanied by SQL (Structured Query Language) scripts that capture the event’s severity and loss potential and can be run against a book of business. The SQL scripts are based on the open source Verisk Cyber Exposure Data Standard, enabling companies to view all the assumptions made within the scenario and modify them according to their view of risk. Using the scenarios, deterministic loss estimates can be studied for aggregations on cloud providers, payment processors, accidental breaches, blackouts, encryption quality and more.
In January 2016, AIR and its parent company, Verisk Analytics, announced the Verisk Cyber Exposure Data Standard, designed to help create a uniform method for data transfer across the insurance value chain. AIR also developed a preparer’s guide to assist companies in collecting and storing the necessary cyber exposure data in an open format suitable for modeling, along with an SQL implementation, to allow organizations to begin to use the standard in their enterprises while helping them understand their exposure and aggregation risk, evaluate risk, and make underwriting decisions.
QBE North America Offers New Enhancement Addressing Emerging Technology in Equipment Breakdown
QBE North America, an operating division of QBE Insurance Group, announced it will enhance its Equipment Breakdown coverage with equipment breakdown and technology insurance to cover losses resulting from microelectronic failures.
Microelectronics, with circuitry thousands of times smaller than a human hair, is critical to almost all systems, equipment and technology. Yet, these technologies are prone to failure where physical damage is undetectable, as well as non-physical failure due to firmware or software.
QBE North America will expand its current Equipment Breakdown coverage beyond evidence of physical damage to circuit boards, computer chips and other micro-circuitry. It helps policyholders recover from damage to systems or equipment that cannot easily be traced, and recoup the costs of a microelectronic failure, including business interruption, data loss and reputational damage.
To address additional emerging technologies, the new Equipment Breakdown coverage also includes enhancements to existing service-interruption coverage for cloud computing services, and adds data restoration coverage for data lost due to a utility service interruption, such as loss of electrical power. It also offers off-premises business income and extra expense coverage for mobile equipment and technology, and new public relations coverage to help commercial entities overcome business interruption and reputational issues from equipment failures.
This new, enhanced Equipment Breakdown coverage is now available within QBE North America’s Equipment Breakdown policies, subject to state approvals.
Hiscox Launches New Cyber and Data Risk Product
Hiscox, an international specialist insurer, announced the expansion of its cyber and data risk solutions to include Hiscox CyberClear. This product will complement Hiscox’s existing Cyber Threat Protect, which came to market in October 2015. Both covers use straightforward language and a single insuring agreement driven by the loss itself.
The new product is designed for small and medium-sized enterprises in the U.S. with less than $1billion in annual revenue, while Cyber Threat Protect is a bespoke coverage for large businesses worldwide with over $1billion in annual revenue.
ISO to Collect Cyber Insurance Data to Help Mitigate Risk Related to Cybersecurity Attacks
ISO will collect, aggregate, and analyze cyber insurance data to help address a major issue facing today’s cyber insurance market: the need for more detailed underwriting and rating information.
ISO is currently collecting premium, exposure and loss data for cyber liability and first-party coverages written between 2010 and 2014 from insurers that choose to participate. After ISO aggregates and analyzes the data, it will be available to insurers that submitted data.
All insurers, regardless of whether they currently report data to ISO, may submit their data by September 30, 2016 to qualify as a participant that will receive the aggregated information.
Those insurers with questions about the special data call can email CyberSpecialCallRequest@verisk.com or call Verisk Customer Support at 1-800-888-4476. Information about the call and about ISO’s various cyber insurance offerings can be found on the ISO Cyber Risk Solutions website, www.iso.com/cyber.
Was this article valuable?
Here are more articles you may enjoy.