Model divergence is a good thing and is more valuable than all software providers producing the same numbers. This was one of the key messages shared by Oliver Brew, CyberCube’s Head of Client Services, at the Advisen 2019 Cyber Risk Insights Conference in New York.
The comments came as CyberCube took part with other modeling companies to examine three systems c cyber risk catastrophe scenarios: a mass data breach, a cloud outage, and mass ransomware campaign to compare and contrast cyber aggregation models. When asked by Jonathan Laux, Aon’s Head of Cyber Analytics, Reinsurance Solutions, who was moderating the panel session, whether variation was good, Oli stated: “If all the numbers were exactly the same, they wouldn’t tell us anything”. He added it was important to have different approaches.
Nick Beecroft, Client Services Manager, CyberCube, also took part in a session at the Advisen event and focused on how a model is a representation of risk, but it is important to make adjustments to outputs to answer specific questions, and be forward looking. “The quality and range of data underpinning a model is essential, but what does that data do?” he asked. “CyberCube is looking at big trends that can change the landscape. We are not chasing every event, but trying to concentrate on trends that alter the catastrophic level.”
Oli also discussed ways in which modeling could go deeper, particularly with regards to silent cyber. “Non affirmative cyber and how that manifests - a lot of people are scared of it,” he said. “Our role is to help reduce that fear and get people’s arms around what is clearly a challenging issue.”
“If all the numbers were exactly the same, they wouldn’t tell us anything”