Cowbell, a cyber insurance provider for small and medium-sized enterprises (SMEs), has released a whitepaper in which it lays out a path to model catastrophic cyber events in the SME market.
According to the announcement, the firm’s goal is to to help SMEs prevent and recover from a cyber event of catastrophic proportions, providing a framework for modelling such events.
It highlighted that even though systemic events such as the 2008 financial crisis and the COVID-19 pandemic have impacted SMEs, there has not yet been a systemic cyber event with a widespread catastrophic impact.
Cowbell’s “Modeling Catastrophic Cyber Events” outlines existing risks, advises SMEs on how to shore up their cyber defences, and explores how data can help inform catastrophic (CAT) modelling in case of an unprecedented cyber event.
Dan Palardy, lead actuary at Cowbell, said: “In 2023, cyber insurance providers will articulate relevant models for catastrophic cyber events in the critically important SME market.
“We are proud to lead the charge. With Cowbell’s accumulated insights into the behaviour of the SME market over the past three years, we are uniquely positioned to help narrow and mitigate the impact of catastrophic cyber events in our market. We’re excited to share this whitepaper that paves the way for the future of CAT modelling.”
Analysing data and insights from SMEs and analysing the vulnerabilities of the broader SME cyber ecosystem and their interconnections, Cowbell explained, will result in more accurate quantification of cyber systemic risk.
With this, the insurance provider added, Cowbell is paving the path to evaluate catastrophic events in the SME market while highlighting the differences between systemic risks, catastrophic events and mitigating strategies that are already in place.
According to Cowbell, CAT modelling is not “one size fits all” in the SME market and there are shortcomings in extending the current models – those applied to natural catastrophes or large enterprises – to SMEs.
This is due to the nature of cyber risk in the SME market differing from large enterprises, Cowbell explained. Additionally, opportunities for remediation diverge from geographical areas impacted by natural disasters.
“The nature of cyber threats impacting SMEs makes basic cybersecurity hygiene effective against these threats,” Cowbell added. “The more predictable nature of cyber incidents, compared to natural catastrophes, enables the SME ecosystem to organise and prepare effective responses that diminish the impact of cyberattacks. Cyber insurance providers can help narrow the protection gap with clearly defined risk and proactive, augmented underwriting.”
