Insurability of Cyber Risk: An Empirical Analysis

Slides:

Advertisements

Similar presentations

Fall 2008 Version Professor Dan C. Jones FINA 4355 Class Problem.

Advertisements

A 2030 framework for climate and energy policies Energy.

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

The Marketing Decade The Marketing Decade is the beginning of the Marketing Decade and our mission to open new frontiers (markets)

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

The costs and benefits related to cyber security breaches Chapter 3 – Gordon & Loeb.

Implications for Caribbean Capital Markets 25 May, 2011 Marlene Murray CFA Society of Trinidad and Tobago.

37 th OESAI Conference David Lesolle University of Botswana.

Sami GUELLOUZJakarta 6th, April, Syariah compliant General Takaful products A tailor-made service for Muslim community.

Property and Casualty Insurance Marketplace Update November 2009 Tim de Jonge BComm, CIP, CRM Account Executive Aon Global Energy.

Insurance Regulators and Catastrophic Risk Session IX Financing the Risks of Natural Disasters World bank - June 2003.

Reinsurance By Roar Rasten Gard AS

CONSTRUCTION & THE FOOD INDUSTRY The Insurance Industry View Steve Exwood & Jon Miller.

Overview of global trends in reinsurance (International reinsurance point of view) Thomas Hess Group Chief Economist Head of Economic Research & Consulting,

Lukas Steinmann Mexico 10. June 2008 To your health: diagnosing the state of healthcare and the global private medical insurance industry.

Permission to reprint or distribute any content from this presentation requires the prior written approval of Standard & Poor’s. Copyright (c) 2006 Standard.

Agricultural Risk Financing Ramiro Iturrioz Senior Agricultural Insurance Specialist Insurance for the Poor Program The World Bank Agricultural Insurance.

Risk Financing The Principles of Utilizing Insurance Resources Peter Wang

The Actuary’s Evolving Role in Enterprise Risk Management A Case Study 2001 Casualty Loss Reserve Seminar Barry A. Franklin, FCAS, MAAA Managing Director.

Evolution of Insurance Securitization Stephen P. D’Arcy Fellow of the Casualty Actuarial Society Professor of Finance University of Illinois UNSW Actuarial.

Derivatives in the Insurance Market Stephen P. D’Arcy Professor of Finance University of Illinois First Annual OFOR Symposium.

SWAN Captive Risk Financing – A Structured Approach 38th Annual OESAI Conference 25 August 2015.

Managing man-made catastrophe risk: A market perspective CAS Special Interest Seminar on Catastrophe Risk Management Atlanta, 7 October 2002 Thomas Holzheu.

Traditional Actuarial Roles – Putting It All Together in an ERM (and EOM) Framework CAS Spring Meeting June 18, 2007 John Kollar, Russ Bingham, Hartford.

Hidden Risks in Casualty (Re)insurance Casualty Actuaries in Reinsurance (CARe) 2007 David R. Clark, Vice President Munich Reinsurance America, Inc.

Part II: Business Environment Introduction to Business 3e 5 Copyright © 2004 South-Western. All rights reserved. Assessing Industry Conditions.

Macroprudential Surveillance and Insurance Supervision Commissioner Susan Donegan November 19, 2014 Regional Training Seminar for Insurance Supervisors.

Insurance Market Update

1 Economic Benefits of Integrated Risk Products Lawrence A. Berger Swiss Re New Markets CAS Financial Risk Management Seminar Denver, CO, April 12, 1999.

Insuring Commercial NewSpace Activities Yaw Nyampong 3 rd Manfred Lachs Conference on NewSpace Commercialization 17 March 2015.

Ivan Zelenko Head of Derivatives and Structured Finance

World Bank Group Hazards of Nature, Risks and Opportunities for Development in South Asian Countries Regional Conference in New Delhi, India All About.

The World Bank’s Role in Disaster Mitigation Financing the Risks of Natural Disasters June 3, 2003 Alcira Kreimer Manager, Disaster Management Facility.

Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.

1 CONFIDENTIAL ©2015 AIR WORLDWIDE New Approaches for Managing Cyber Risk.

1 Chapter 23 Risk Management. 2 Topics in Chapter Risk management and stock value maximization. Fundamentals of risk management.

24th India Fellowship Seminar

Copyright ©2003 South-Western/Thomson Learning Chapter 5 Analysis of Risk and Return.

The cost of Cybercrime 1 Steve Lamb Regional Marketing Manager – EMEA, Enterprise Security Products Twitter: actionlamb.

Jacqueline Friedland July CAS Risk and Capital Management Seminar International Perspectives on DFA – Canadian DCAT  Introduction  History  Role.

3 rd International Workshop on Global Flood Monitoring & Modelling Assessing Global Flood Hazards: Engineering and Insurance Applications March 6, 2013.

Capital Modeling for Benefit Pools: A Case Study How Much is Enough (for us)?

DHS Publishes Report Saying Low but Persistent Risk of Cyber Attack on Energy Sector DHS REPORT ON ENERGY CYBERSECURITY April 6, 2016 | Ben Booker Source:

Insurance Securitization Impetus Insurance Markets $ Billion in Capital Financial Markets $10-15 Trillion in Capital Catastrophe Potential $

September 2011 State Board of Administration Florida Hurricane Catastrophe Fund Proposed 2012 Legislation.

1 CONFIDENTIAL ©2016 AIR WORLDWIDE The Evolving Role of Insurance in Building Climate Resilience Brent Poliquin, CCM May 27, 2016.

Rome, October 17 th 2013 Communication, a Key to Successful Risk Management Filippo Cinelli.

Physical Security Market to Global Analysis and Forecasts by Application, Services No of Pages: 150 Publishing Date: Jan 2017 Single User PDF: US$

Actuarial Review of Emerging Risks

What is the Value Proposition? 3rd International SPONSE Workshop

Africa Reinsurance Pulse 2016 Andreas Bollmann 21st African Reinsurance Forum Dakar, Senegal 3 October 2016.

Actuarial role/ contributions/ challenges in Reinsurance

Albania Disaster Risk Mitigation and Adaptation Project

Catastrophes Insurable vs. Non-Insurable Catastrophes

Business At the Speed of Cyber

Monitoring the state of the most important cat markets

Risk Identification Canvas – New Product Launch

LEGAL & ETHICAL ISSUES InsurTech & Health Insurance Providers

Catastrophe Modeling Personal Lines Perspective

South Africa-The Future Of Foodservice To Ken Research.

CYBER CRIME Matthew Purchase.

Cyber Trends and Market Update

Securitization of Catastrophe Risk

Cybersecurity compliance for attorneys

Cyber Risk & Cyber Insurance - Overview

Ransomware and Data breaches in public libraries

The Threat Cyber now as big a threat as natural catastrophes?

Catastrophes Insurable vs. Non-Insurable Catastrophes

Session 8: Innovative Uses of Captives: Cyber and Beyond

Figuring out CyberSecurity Return On Investment

Presentation transcript:

Insurability of Cyber Risk: An Empirical Analysis Christian Biener, Martin Eling, and Jan Hendrik Wirfs University of St. Gallen, Switzerland Institute of Insurance Economics IIS 50th Annual Seminar in London June 24, 2014

Cyber Risk – Big Threat to Global Economy Ø Natural Cat Losses < $200 Billion Data source: Munich Re, 2014 Estimated Cost from Global Cyber Activity Data source: McAfee, 2013 Upper Bound $1 Trillion Lower Bound $300 Billion

Cyber Risk – Big Market Opportunities Average Information Security Budget (PWC, 2014) 2009 2013 $ 2.7 million $ 4.3 million +15% p.a. Cyber Insurance Mature Markets > 10% 1% Insurance Gross Premium Growth p.a. (Swiss Re, 2014 | Betterley, 2013)

Contribution – Cyber Risk Insurability 25 relevant and high-quality studies published between 2002 and 2014 Literature Review SAS OpRisk Global Data: 22,075 operational loss incidents between 1971 and 2009 Cyber Risk Data Classification of risks in terms of actuarial, market, and societal conditions (see Berliner, 1982) Is Cyber Risk Insurable?

90% of Incidents Related to People Allocation of Cyber Risk Incidents to Cyber Risk Categories Unintentional and intentional actions as well as failure to act Actions of People 90% Undetermined 31% 15% 42% Vulnerable Code Misconfigured System End-user Error Targeted Attack 6% Data source: IBM, 2013 Failures of hardware, software, and integrated systems Systems Failure 4% Failures of processes due to poor process design /controls Failed Internal Processes 4% Catastrophes, legal issues, service dependence External Events 1% Data source: SAS OpRisk Global Data

The Insurability Framework Insurability Criteria Requirements Assessment Actuarial (1) Randomness of Losses Independence and Predictability  (2) Maximum Possible Loss Manageable  (3) Average Loss per Event Moderate (4) Loss Exposure Large Loss Exposure (5) Information Asymmetry No Moral Hazard and Adverse Selection (6) Insurance Premium Cost Recovery / Affordability (7) Cover Limits Acceptable (8) Public Policy Consistent With Societal Values (9) Legal Restrictions Allow for Coverage ? Market ? Societal ?

Implications for the Insurance Industry Insurers Important Role of Insurers  Put a Price Tag on Cyber Risk Need for Increasing Product Value  Lower Deductibles, Higher Caps Need for More Re-Insurance Capacity  Diversification Need for a Reduction of Ambiguity Towards Cyber Risk Coverage Industry Data-Sharing to Enhance Systematic Learning Industry Surveys Help Capture Dynamic Changes Regulators Outlook Increasing Cyber Risk Insurance Demand Expected Followed by Increasing Availability and Competition Significant Potential for Future Research

Cyber Risk – We’re Talking About Dave Copyright 2006 John Klossner | www.jklossner.com

Insurability of Cyber Risk: An Empirical Analysis Christian Biener, Martin Eling, and Jan Hendrik Wirfs University of St. Gallen, Switzerland Institute of Insurance Economics IIS 50th Annual Seminar in London June 24, 2014

References Berliner, B., 1982, Limits of Insurability of Risks, Englewood Cliffs, NJ: Prentice-Hall. Betterley, R.S., 2013, Cyber/Privacy Insurance Market Survey 2013: Carriers deepen their risk management services benefits—Insureds grow increasingly concerned with coverage limitations. Cebula, J.J. and Young, L.R., 2010, A Taxonomy of Operational Cyber Security Risks, Technical Note CMU/SEI-2010-TN-028, Software Engineering Institute, Carnegie Mellon University. IBM, 2013, The 2013 IMB Cyber Security Intelligence Index, http://www- 935.ibm.com/services/us/en/security/infographic/cybersecurityindex.html. McAfee, 2013, The Economic Impact of Cybercrime and Cyber Espionage. Munich Re, 2014, 2013 Natural Catastrophe Year in Review. Ponemon Institute, 2014, 2014 Cost of Data Breach Study: Global Analysis PWC, 2014, The Global State of Information Security® Survey 2014. SAS OpRisk Global Data, 2010, http://www.sas.com/resources/product-brief/ sas-oprisk-globaldata-brief.pdf. Swiss Re, 2014, Swiss Re Economic Research and Consulting.