Cyber risk model to fill gap in the market


Catastrophe modelling firm AIR Worldwide is working on a cyber risk model to help the industry better understand evolving cyber insurance risk. 

The relatively new nature of cyber threats means that fully-probabilistic industry models have not caught up, making insuring cyber threats difficult. 

But speaking to GR at the 2015 Monte Carlo Rendez-Vous, AIR international operations managing director Milan Simic said that AIR was working with security risk and cyber data experts BitSight Technologies and Risk Based Security to fill the gap. 

The upcoming AIR Cyber Risk Model will use BitSight data and security ratings to help the insurance industry better understand its cyber aggregation risk. 

Meanwhile, Risk Based Security has given AIR historical data on more than 16,000 data breaches to feed into the model. 

The completed model will allow probabilistic loss estimation and run scenarios to help companies understand their aggregated risk from large-scale cyber attacks. 

Simic said: “We think a big part of our duty is to help the market, educate and facilitate where we can. 

“At Monte Carlo in recent years, one of the big themes has been overcapacity. There is more capital than there are risks to ensure 

“So we see it as a part of our duty to help insurers underwriter and brokers intermediate.” 

Simic added that the AIR cyber model was available now for deterministic studies, but would be expanded to include probabilistic modelling in two years. 

“We feel that our model is the first one and is unique in its nature, to deal with the complex nature of cyber risk,” he said. 

He added that other cyber models in the marketplace were not fully probabilistic.