The cyber risk environment is growing and changing at a rapid pace. Now more than ever, (re)insurers must be aware of and understand their shifting cyber accumulation risk.
The last year has seen unprecedented events, including widespread increases in ransomware attacks in response to the shift to remote work, hugely effective email siphoning of one of the largest email hosting providers, and an incredibly sophisticated supply chain attack impacting high-profile businesses and governments around the globe. Understanding the ramifications of such unique and changing cyber risks has been a challenge for insurers, reinsurers and brokers.
The ability to model and aggregate such complex and nuanced tail risks is becoming a must-have item in every (re)insurer’s toolbox. Cyber risk remains an ever-evolving discipline, and thus it is crucial for (re)insurers to monitor the landscape and ensure they are reliably quantifying the impact of changes in this landscape. At CyberCube, we understand this requires an immense level of ongoing effort and attention. We deliver regular model updates to ensure our clients’ risk management decisions are based on the most up-to-date knowledge and analytics, which is why we’ve released the latest version of Portfolio Manager (PM).
How CyberCube is addressing changing cyber accumulation risks
CyberCube is continually monitoring model assumptions against experience, developing emerging scenario classes as new threats come to the fore, and including shifts in the regulatory or legal environment.
While keeping up in such a fast-paced environment is challenging, CyberCube strives to stay ahead of the curve since launching PM in March 2018. It was the first fully-probabilistic cyber catastrophe model that enabled clients to drill down and identify loss drivers and areas of accumulation risk across key dimensions, as well as multiple lines of business. Suffice to say, there has been significant iterations and upgrades to PM since 2018 to help tackle new cyber challenges.
In early 2021, CyberCube developed a set of industry-sponsored scenarios for PM. These scenarios adhere to specific, industry-sponsored requirements, defining realistic disaster scenarios for business blackout, cloud cascade, and ransomware contagion. These deterministic scenarios have been included in PM v3.0.
With the release of PM v3.0, CyberCube has increased both the underlying rigor and analytical flexibility of PM. So, what are some of the differences between PM v2.0 and PM v3.0?
PM v3.0 update highlights
There has been updates to nearly every module for PM v3.0. I think it’s useful to break them down into a few major avenues of improvement and highlight some major points in each.
Changes to the cyber landscape
As threats evolve, each model update must reflect this. Notably, the most likely threat actor for each scenario has been revisited, with implications of the actor flowing through the scenario model. Additionally, the frequencies of each scenario has been updated, as well as the coverages that would be triggered by each scenario.
Improvements in modeling methodology
CyberCube seeks to add precision to its modeling where the additional complexity warrants it. One of the major modeling improvements in PM v3.0 is the addition of industry-based adoption rates for providers in key scenarios. Now, results will be more sensitive to portfolio composition in a transparent manner conducive to portfolio management.
Enhanced and updated data
There are, of course, updates for the data we collect on companies, which allow for an improved portfolio import and company-matching experience. Similarly, updated data on provider market share and security allow for a refined view of the likelihood and impact of each provider being at the center of an incident. There are also significant increases in coverage for our dependency data. We now know more about which companies are dependent on certain providers, especially in key scenarios.
New software functionality
In addition to model updates, there are numerous usability features that make the product easier to obtain from. A major feature is having key variables in the YLT to add a new level of transparency into each simulated catastrophe. The introduction of reinsurance is another key feature, allowing modeling of quota share and per risk XOL treaties and producing gross, net, and ceded outputs. It’s also worth pointing out that the data schema now has greatly increased flexibility and includes the ability to express terms for BI & CBI as well as information on each company’s data back-up situation.
Optional add-on modules
Beyond the base PM package, two add-on modules are now available:
- Attritional Loss Model - adds targeted attacks on individual insureds, ranging from small, frequent events to significant, infrequent events, to obtain a full view of a portfolio’s cyber risk.
- Single Point of Failure (SPoF) Intelligence - provides unprecedented insight into exactly which companies within a portfolio are dependent on which technology providers, and the cyber posture of those providers.
Continuously adding value to our solutions
At CyberCube, we understand the pace at which cyber accumulation risks change, and we endeavour to reflect those changes in our products continuously.
We value our clients’ experience regarding model stability, continuity, and usability and will seek to include new features only when they add value, and accordingly release them at a reasonable pace. The latest modifications in our cyber risk accumulation modeling platform will help us towards our mission of providing the premier cyber risk aggregation model.
To learn more about how our updated Portfolio Manager can help you, get in touch with us today.