CyberCube - Cyber Insurance Analytics

6 ways to better understand your tail risk

Written by Anjali Nagrani | Mar 10, 2022 3:36:59 PM

For the cyber (re)insurance market to be healthy and profitable, it’s necessary that industry participants have a clear understanding of the potential volatility inherent in their portfolios. Chiefly, this discussion has centered on quantifying the tail risk that could result from potential cyber catastrophe events. However, within a changing cyber risk landscape, this can be difficult to achieve.

CyberCube’s cyber risk analytics solution, Portfolio Manager, is made with cyber (re)insurance actuaries, modelers and exposure managers in mind. It provides the necessary data to inform your cyber risk decisions, develop your own view of risk, and understand your tail risk. 

In this blog, we’ll cover six tips to consider when evaluating cyber portfolio modeling solutions to help you make better, more profitable decisions. 

1. Analyze aggregation risk across all lines of business

(Re)insurance policies are not ironclad, and where there is any potential for debate, there is also potential for litigation. This issue is even more significant as cyber losses may arise from virtually any insurance policy.

Silent cyber is a risk that affects all multi-line portfolios, as the terms and conditions of those policies might not be sufficiently foolproof to rule out cyber claims. For this reason, it’s important for multi-line (re)insurers to have the ability to reliably quantify their cyber risk across all their lines of business, while simultaneously accounting for their exclusionary language in those non-cyber lines of business. As this can have a consequential impact on the overall loss potential, this ability gives you a more comprehensive understanding of your tail risk.

2. Use a broad array of scenarios

When trying to understand your tail risk, ensure your cyber risk analytics solution offers a breadth of scenarios to represent realistic cyber aggregation events. Having a broad set of scenarios at your disposal provides a more comprehensive understanding of what could happen. 

Distinct books of business will include companies with different  technology dependencies — for example, the typical small business may rely on services such as Wordpress and GoDaddy, while a Fortune 500 firm could rely on a mix of hosted and on-premises technologies, including its own proprietary software.

Portfolio Manager provides 29 probabilistic scenario classes — the most available in the industry — and a number of deterministic realistic disaster scenarios (RDS) developed in partnership with Lloyd’s. These scenario classes are modeled to generate multiple potential cyber events depending upon the technology being attacked. 


The ability to see a realistic portrayal of cyber events that could affect your portfolio allows you to plan appropriately for potential loss-generating events and make informed decisions on what types of events affect your book of business most. Gaining a view of realistic portrayals of scenarios to better understand your tail risk will also lead to more efficient use of your capital reserves, reinsurance, or retrocession decisions.

3. Model the severity and frequency of an event

A common critique of cyber risk modeling is a lack of extensive historical event data, which could serve as the basis to help predict the impact and frequency of potential events. While this critique is accurate, it misses the point. Cyber risk models address potential future risk based on current researched trends.  

Petabytes of new cybersecurity data are generated every month which, when properly collected and analyzed, yield tremendous insight into the latest trends in the cyber threat environment in a way that historical data cannot. Modeling cyber threats is therefore challenging, but not impossible. Any solution you use must be able to effectively model both the severity and frequency of any potential event. 

CyberCube’s Portfolio Manager leads the market because our multi-disciplinary team continually considers all aspects of cyber aggregation events to anticipate the markets’ needs and demands, and keeps an eye on additional model adjustment factors that may have material impact on losses.

4. Validate and stress test the modeled scenarios

Regardless of the cyber modeling solution you use, scenarios must be validated to ensure that the modeled tail risk is a reasonable representation of your tail risk. There are three main ways to do this, with:

  1. historical precedents
  2. forward-looking assessments of potential exposures and threats
  3. stress test the scenarios to ensure they reflect the coverages your policies provide

While historical data would lead to the most grounded scenario validation, as mentioned previously, the lack of this kind of data in the cyber space makes this more difficult. 

CyberCube uses a combination of historical data, as well as external and internal cybersecurity expertise to further validate scenarios, while providing you the control to stress test the scenarios against your own portfolios (more on this later). 

When using Portfolio Manager, you not only gain access to the appropriate analytics, you also have access to our in-house experts who understand the cyber insurance industry and its challenges. Our broad variety of multidisciplinary experts — including actuaries, cyber risk modelers, data scientists and cyber security professionals — leads to a depth of understanding and knowledge that no one else in the cyber risk modeling market can provide, ensuring you can get the most out of your analytics solution to best understand tail risk.

5. Develop your own view of risk

Every risk and each portfolio’s risk profile is distinct. This is why it is critical to develop your own view of risk. Representing your organization’s unique perspective and interpretation on the risk is vital — it will help when communicating with the markets to properly demonstrate your approach to underwriting and portfolio management. 

Transparency and control are key

CyberCube recognizes that every (re)insurer will have their own way of interpreting their risk. However, in order to develop your own view of risk, you need transparency into how the model works, in addition to the ability to customize current views of risk in a rapidly changing cyber risk environment. 

CyberCube is unique in its offering as it provides transparency into Portfolio Manager’s modeling process. With our solution, you gain access to relevant documentation and collateral to give you the transparency you need to understand how each step of our process, including event frequency, event impact and detailed losses, is considered to influence cyber cat modeling. Furthermore, CyberCube provides access to our deep bench of expertise to further explain the thought process or methodologies around modeling any specific scenarios. 

With Portfolio Manager’s extensive analysis settings, you can develop a customized view of your own risk. Once you have a view that most appropriately models your business, you can better communicate your tail risk to the market(s). 

6. Use models that are accepted industry-wide

In order to best leverage estimates of your tail risk and your requirements for reinsurance or capital reserves, the model used should be widely accepted by the industry. Flexibility in addressing the changing cyber risk landscape with an approach that allows for reproducible results and expert-supported communication to the industry is critical.   

CyberCube’s cyber risk analytics are the most widely adopted and most retained solutions — they’re quickly becoming the common currency in the cyber insurance market. We have the breadth and depth of cyber risk knowledge that (re)insurers need to develop a common understanding of risk and communicate that risk, allowing for profitable risk decisions across the value chain.  

Portfolio Manager provides high-quality, industry-accepted model scenarios, which help you best understand the tail risk of the particular company you want to insure. This will also help you to justify your portfolio management, capital reserve, and reinsurance decisions to a wider array of stakeholders.

Want to know more about operationalizing and communicating your view of risk using Portfolio Manager? Check out our blog all about it — Portfolio Manager: How to create a forward-looking view of cyber risk

Understand your tail risk with the right cyber risk analytics 

A healthy portfolio hinges on understanding your tail risk — it is the cornerstone of a profitable (re)insurance market. Paired with the right data and analytics, transparency into your cyber modeling solution’s process will allow you to gain your own view of cyber risk, and in turn, the information you need to make the appropriate decisions.

Even with the right cyber risk modeling solution, it’s important for modelers to continually revisit, revise, and refine them based on the dynamic cyber risk environment — cyber can change rapidly as new technologies are embraced and new vulnerabilities are discovered. 

Here at CyberCube, we recognize that our data and analytics require the same level of attention and responsiveness to changing conditions in order for you to better understand your tail risk. Portfolio Manager provides access to the analytics necessary to create your own view of risk, leading you to profitable decision-making.