Global catastrophe risk modelling and analytics firm, RMS, has released its updated RMS Cyber Accumulation Management System version 2.0, which further highlights the need for improved cyber insurance and reinsurance solutions.
The new and enhanced version 2.0 of the RMS Cyber Accumulation Management System includes a suite of cyber models and supporting software and incorporates new functionality, which includes the RMS Expected Loss Baseline model.
According to RMS analysts, the model shows that were all U.S. businesses to have cyber insurance protection, more than $5 billion every year would be lost to the insurance industry just from cyber data exfiltration, with data breaches being the main cause of cyber insurance loss.
Of course, of the $5 billion a significant portion would likely be passed on to the reinsurance industry, which further highlights the opportunity for insurers and reinsurers to develop innovative, affordable and effective cyber risk solutions for the world’s businesses.
By its very nature cyber is a complex and expanding peril that insurance, reinsurance, and also alternative risk transfer markets are trying to better understand in order to develop better products. This is especially true as the cyber risk landscape continues to evolve, which RMS explores in its Cyber Risk Landscape 2017 report, which has also been published today.
RMS Senior Vice President, Dr. Andrew Coburn, said; “In only fifteen months since we launched the RMS Cyber Accumulation Management System, we’ve seen the cyber risk landscape change dramatically and version 2.0 of the system reflects those changes.
“For example, we’ve seen the largest ever data breaches, denial of service attacks, and attempted financial thefts. Data breaches can cost companies hundreds of millions of dollars, and our modeling shows the overall insurable loss across U.S. businesses from data exfiltration is running at over $5 billion a year. The past year has also demonstrated the potential for future systemic cyber catastrophes, for which overall losses would far exceed $5 billion, and version 2.0 has the capacity to model this risk.”
The latest version of RMS’ cyber model provides companies with greater accuracy when looking at attritional annual losses across cyber portfolios, and also probable maximum loss (PML). The new model also includes significant changes and updates to its affirmative cyber scenarios, which includes shifting patterns of data exfiltration; more intense denial of service attacks; financial theft; cloud service provider failure; and cyber extortion.
Interestingly, the new model also includes cyber-physical scenarios, such as fire and explosions caused by hackers and, this includes the assessment of the ‘silent’ exposures in some policies that have ambiguous terms on cyber-attack losses, says RMS.
“As the first cyber risk management solution of its kind, the RMS Cyber Accumulation Management System has benefited from over a year of use by leading cyber insurance writers, helping them to analyze a third of the market by premium.
“That’s a lot of client feedback and refinement which has informed the innovations of our latest update. And with our continued substantial investments into cyber model development, there is already more capability in our pipeline,” continued Coburn.