1 CONFIDENTIAL ©2015 AIR WORLDWIDE New Approaches for Managing Cyber Risk.

Slides:



Advertisements
Similar presentations
Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Advertisements

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Cyber Insurance cs5493(7493). AKA E-commerce insurance E-business insurance Information system insurance Network intrusion insurance.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Recent Trends and Insurance Considerations March 2015
BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.
TERRORISM / POLITICAL VIOLENCE SOLUTIONS FAIR International Insurance Conference on "Political Violence" April 2010 – Karachi Daniel O’Connell
Sapient Insurance Partners. Overview & Services We have almost four decades of combined experience in the property & casualty insurance and reinsurance.
The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.
NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.
Overview of Cybercrime
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.
BCN 4708 Fall 2008 Chapter 8 Insurance. Insurance What is Risk? Specific types of Risk Inflation Inflation Market Market Principal Principal Liquidity.
CUNA Mutual Group Proprietary Reproduction, Adaptation or Distribution Prohibited © 2014 CUNA Mutual Group, All Rights Reserved. Understanding Cyber Insurance.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
AUGUST 25, 2015 Cyber Insurance:
HIPLA/UH 20 th Annual Fall Institute 2004 Managing Intellectual Property Exposure Tough Market, Creative Solutions Joby Hughes Joby A. Hughes, P.C. Friday,
Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.
Cyber Security Nevada Businesses Overview June, 2014.
CYBER INSURANCE Luxury or necessary protection?. What is a data breach? A breach is defined as an event in which an individual’s name plus personal information.
TEMPUS-2009-DE-JPHES WeNeT European Commission TEMPUS.
Top Threats WG Co-Chair Jon-Michael Brook. Agenda About our Top Threats Polling the industry Call for participation Categorizing our Top Threats.
Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave. Chicago,
Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
Managing Your Cyber/E&O Risk with Willis FINEX Robert Barberi, Vice President, Willis Cyber Practice.
New A.M. Best Cyber Questionnaire
Sapient Insurance Partners. Overview & Services We have almost four decades of combined experience in the property & casualty insurance and reinsurance.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
The Pitfalls of the Small Business Owner Protect Your Assets!
COST BENEFITS OF IMPLEMENTING CREDIT CARD DATABASE TOKENIZATION USING FAIR CASE STUDY SHARED COURTESY OF RISKLENS CONFIDENTIAL - FAIR INSTITUTE
Cyber Summit 2016 Data Bytes and Frights Presented by: President and CEO Peter J. Elliott, CPCU.
The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.
Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.
Cyber: risk without borders Airmic 2016 Harrogate International Centre Tuesday 7 th June 2016.
Cyber Risk Management and Insurance
Cyber Insurance Overview July 30, 2016 Wesley Griffiths, FCAS International Association of Black Actuaries.
Cyber Liability Insurance for an unsecure world
Actuarial Review of Emerging Risks
Cyber Insurance Risk Transfer Alternatives
Actuarial role/ contributions/ challenges in Reinsurance
Overview and Services March 2015
New A.M. Best Cyber Questionnaire
Financial Technology in Cyber Risks
Cyber Insurance presentation for: The 2nd Anti Cybercrime Forum Beirut, 29th November 2016 Alexander Blom, Head of Financial Lines, AIG MENA.
John A. Wright, CEO WIPFLI Client Appreciation June 8, 2017
Managing a Cyber Event Steven P. Gibson President
Society of Risk Management Consultants
Can Cyber Insurance Stand in the Data Breach
F5 PRO ASSETS We’ve created these Pro Assets to help you communicate the ideas in this article to your team. Feel free to remove these intro pages, and.
COST BENEFIT ANALYSIS OF IMPROVED PATCHING WINDOW USING FAIR
Cyber Insurance Overview
Cyber Insurance: An Update on the Market’s Hottest Product
Society of Risk Management Consultants Annual Conference
Cyber Issues Facing Medical Practice Managers
Cyber Trends and Market Update
Understanding Cyber Insurance NASCUS/CUNA Cybersecurity Symposium
Business Impact Analysis 101
By Joseph Carnevale, CIP Partner & Director of Sales
Cybersecurity compliance for attorneys
cyber insurance Tom Wilson Chief Risk Officer, Allianz SE
Cyber Risk & Cyber Insurance - Overview
Forensic and Investigative Accounting
Cyber Security: What the Head & Board Need to Know
Presentation transcript:

1 CONFIDENTIAL ©2015 AIR WORLDWIDE New Approaches for Managing Cyber Risk

2 CONFIDENTIAL ©2015 AIR WORLDWIDE Agenda Overview of the cyber market AIR modeling framework Data partners Cyber data standards Roadmap AIR Model for Cyber Risk

3 CONFIDENTIAL ©2015 AIR WORLDWIDE The Worldwide Cyber Insurance Market Is Growing Rapidly -“Cyber is a new risk and it is a concern, Lloyd’s is at the heart of cyber attacks, providing coverage right now. It’s going to grow dramatically ” Inga Beale, CEO, Lloyd’s of London, Oct Sources: Betterley Report / Advisen -“Cyber Insurance: Maybe next year turns into I need it now” Betterley Report, June “Former U.S. Homeland Security Secretary Tom Ridge has teamed with reinsurance brokerage Guy Carpenter & Co. L.L.C. to offer a cyber security and insurance product” Business Insurance, Oct. 2014

4 CONFIDENTIAL ©2015 AIR WORLDWIDE -Direct losses when intellectual property is stolen, data destroyed, or operations interrupted -Indirect losses when data proprietary to its clients is compromised -Reputational losses -Physical damage What Exposes Organizations to Cyber Risk? A Breach Is One Critical Type of Hazard In the office At offsite data storage sites In the “cloud”

5 CONFIDENTIAL ©2015 AIR WORLDWIDE -What is typically covered? Legal fees Forensics Notification and call center Credit monitoring Public relations fees -Limits Low, in the low millions -Exclusions -Evaluation strategy Driven by industry, company size, etc. Companies offer network analyses Facts About Cyber Coverage

6 CONFIDENTIAL ©2015 AIR WORLDWIDE AIR’s Stochastic Modeling Framework Can Be Applied to Cyber Policy Conditions Exposure Information Damage Estimation Loss Calculation Policy Conditions Limit Deductible VULNERABILITY FINANCIAL Intensity Calculation Event Generation HAZARD

7 CONFIDENTIAL ©2015 AIR WORLDWIDE -Has developed a database of over 16,000 historical worldwide cyber incidents -Based in Richmond, Virginia -Publically disclosed clients include AIG and Willis Risk Based Security (RBS) Selected as Incident Data Provider

8 CONFIDENTIAL ©2015 AIR WORLDWIDE Risk Based Security Data Examples

9 CONFIDENTIAL ©2015 AIR WORLDWIDE -Analyzes public traffic on the Internet to unobtrusively give scores to companies -Based in Cambridge, Massachusetts -Founded by several MIT graduates -Publically disclosed clients include AIG and Liberty BitSight Collaboration will Give the AIR Model Several Key Benefits

10 CONFIDENTIAL ©2015 AIR WORLDWIDE AIR’s Collaboration with BitSight Will Provide Many Benefits to Clients

11 CONFIDENTIAL ©2015 AIR WORLDWIDE

12 CONFIDENTIAL ©2015 AIR WORLDWIDE The Verisk Enterprise Offers AIR Unique Resources, Information, and Data ISO Cyber Program Argus Cyber Forum Information Sharing and Analysis Centers Maplecroft

13 CONFIDENTIAL ©2015 AIR WORLDWIDE AIR Categorizes Risks by Exposure Type

14 CONFIDENTIAL ©2015 AIR WORLDWIDE Cyber Insurance Record Company Information Insurance Coverages Data Assets / Storage Transfer

15 CONFIDENTIAL ©2015 AIR WORLDWIDE Minimum Data Required to Run Model: Industry, Revenue, and Insurance Information Revenue Insurance Industry

16 CONFIDENTIAL ©2015 AIR WORLDWIDE Company Information—Detailed Industry Recovery Plans Demographics Revenue Security

17 CONFIDENTIAL ©2015 AIR WORLDWIDE Multiple Insurance Coverages Will be Supported Security Breach Expense Security Breach Liability Business Interruption Fines Replacement of Electronic Data Website Publishing Liability Programming Errors and Omissions Extortion Public Relations Physical Insurance Coverages

18 CONFIDENTIAL ©2015 AIR WORLDWIDE Data Are the Basis of Potential Cyber Losses Type Country of Origin Number and Value Asset / Storage Record Transfer Record

19 CONFIDENTIAL ©2015 AIR WORLDWIDE Storage Can Lead to Aggregation Risks TypeSecurity OS Type Cloud

20 CONFIDENTIAL ©2015 AIR WORLDWIDE Transferring Data Introduces Additional Vulnerabilities TypeSecurity Service / Vendor Type Cloud

21 CONFIDENTIAL ©2015 AIR WORLDWIDE DataTypeRecord ValueCountry of OriginOwnership Credit Card??? PII?US? Annual RevenueTotal% from Internet% Domestic% Foreign 1,300,000,000??? DataTypeRecord ValueCountry of OriginOwnership Credit Card$225US3 rd Party PII$99US1 st Party Company RevenueTotal% from Internet% Domestic% Foreign 1,300,000,00017%72%28% -Most refined results are obtained when every field of an exposure record is correctly filled in -But what if we have only some of the information that completely describes an exposure? -AIR’s Cyber Model will populate “unknown” fields with values derived from our planned Cyber Industry Exposure Database Developing a Cyber IED Will Allow the Model to Account for “Unknowns”

22 CONFIDENTIAL ©2015 AIR WORLDWIDE Distribution of Limits by Coverage Mock-up of Cyber Exposure Aggregation and Accumulation in Touchstone Distribution of Records by Industry Distribution of Employees by Age Band Distribution of Revenue by Geography

23 CONFIDENTIAL ©2015 AIR WORLDWIDE Studies Provide Data for Our Prototype Model NetDiligence Symantec

24 CONFIDENTIAL ©2015 AIR WORLDWIDE The “Hurricane Andrew” of Cyber Is Coming

25 CONFIDENTIAL ©2015 AIR WORLDWIDE Aggregation Is More than the Cloud

26 CONFIDENTIAL ©2015 AIR WORLDWIDE AIR’s Prototype Cyber Framework and Its Roadmap Catalog Frequency of attack data from sample VERIS breach database Stochastically generated breach events Signed with RBS to get a comprehensive dataset Creating a 100K catalog using all available data Exposure Over 400 companies in our sample exposure database Getting Internet footprint data from BitSight Open data standards schema released and implemented in Touchstone Building a cyber industry exposure database Vulnerability 10 key basic risk factors, including company industry and encryption Signed with BitSight Relative vulnerabilities between industry, company size, etc. BitSight score as real-time secondary features in model Loss Loss per record information from Symantec, accounting for risk features Framework calibrated to the reported loss from the 2013 Target breach Partnering with insurance companies to receive cyber loss data Modelling of loss aggregation scenarios Model Results and reports available through consulting studies Deterministic and probabilistic results Will be in Touchstone in the future

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.