Catastrophe risk modelling specialist RMS has launched the first probabilistic cyber risk model, a product it believes will help insurance and reinsurance entities allocate capital to cyber risks more robustly and could be a step forward in the tools available for ILS fund managers looking seriously at cyber risk.
RMS said that its RMS Cyber Solutions Platform 3.0 (formerly known as the ‘RMS Cyber Accumulation Management System’) will help insurers, reinsurers and ILS markets to allocate their capital to cyber risk in a rigorous and quantitative way for the first time.
RMS said the launch is the industry’s first probabilistic model for cyber loss, providing losses at different return periods for all five of the major cyber loss processes, which are Data Exfiltration, Contagious Malware, Financial Theft, Cloud Outages and Denial of Service Attacks.
The cyber risk model will enable insurers and reinsurers to allocate risk capital and to design products and risk solutions that reflect the full nature of cyber risk, RMS said. It will also be an important tool for any ILS funds looking to expand into cyber risk exposures, an area seen as ripe for ILS market growth in future.
Specific reinsurance functionality has been included in this release, with the ability to provide financial perspectives to all reinsurance stakeholders. It also offers tools to allow model users to incorporate their own loss experience into the model and therefore develop their own view of risk, critical for ILS funds in how they make decisions to allocate their capital.
So-called silent cyber exposures can also be analysed using the risk model, with the ability to analyse other classes of insurance, such as property damage, energy, and marine, by relating policy terms and conditions and linking to portfolios of property exposure data in the RMS EDM™, a data standard widely used across the insurance industry.
Adam Sandler, head of cyber solutions at RMS, commented on the launch, “RMS clients are seeing demand for cyber insurance growing rapidly and their ability to pursue this opportunity is constrained by their ability to allocate risk capital with confidence. Cyber is still relatively unknown and doesn’t behave like other perils.
“Our clients’ highest priority request to RMS over the past couple of years has been for cyber loss probabilities, particularly for our accumulation scenarios, to assess the cost of capital needed to support this growth opportunity. With this release, we are answering that need. Our new solution offers a platform for integrating models, data, and analytics, to provide a comprehensive and responsive way forward for cyber insurers.”
Dr. Christos Mitas, head of cyber model development at RMS, added, “Statistical experience data only provides a few years of benchmarking, and the patterns of loss continue to shift. Our models show that loss processes such as contagious malware have the capability to scale and trigger large losses much more easily than others, such as data exfiltration, where attackers target individual companies to steal their sensitive data, or cloud outage, which is currently limited by the customer base of cloud service providers.”
The cyber risk model suite also features new analytics for selecting and pricing individual accounts, and allows used to quantify loss probabilities for cyber risk rating factors.
RMS has established partnerships with security ratings providers BitSight and SecurityScorecard to improve the predictive power of rating individual companies, it said and has been working with both providers in order to further calibrate its cyber loss experience data with telematics information as well.
Cyber risk modelling continues to advance, providing tools that can really help reinsurers and ILS managers to evaluate the risks much more holistically and at a granular level.
The ability to analyse silent cyber exposures within portfolios will be very helpful for those looking to step into cyber risks as well.
As model development continues apace we are likely to see more alternative reinsurance capital allocate to cyber exposures over time, as the enhanced understanding and view of the risk makes ILS underwriters more attracted to the enormous opportunity that cyber risk provides.