Two weeks ago, AIR published the industry's first open source cyber scenario, allowing our clients to begin the process of truly owning their cyber risk. It included a realistic sample book of business that helps companies understand the value added by reformatting their exposures according to the AIR Cyber Exposure Data Schema. Additional scenarios will be released throughout the next year.
Using this first scenario—a cloud breach—you can evaluate your potential business interruption loss if a major cloud provider suffers downtime. Anyone who knows basic SQL can edit the code provided to modify the included assumptions about cyber risk and financial loss. For example, a different cloud provider can be chosen, the length of cloud downtime can be changed, and the financial terms and conditions can be adjusted to meet actual policy specifications.
AIR open source cyber scenarios can be used in many ways:
- Reinsurance purchasing guidance: If an insurer sees that a majority of its book relies on a single point of aggregation, it can better manage the risk of a failure at that point;
- Accumulation management: As new risks are being considered, insurers and reinsurers can diversify portfolios;
- "Mitigation" credits for best practices: Just as property insurers give discounts for hail-resistant roofing in areas prone to severe thunderstorm, cyber insurers can give discounts for insureds that mitigate against cyber attacks (e.g., by training employees to avoid falling for phishing attacks);
- Better understand cyber limits: As organizations begin to provide cyber coverage, or discover that existing policies may cover cyber losses, it is important for insurers, reinsurers, and insureds to understand how much downtime will result in limits being reached.
If you don't want to wait for the upcoming open source scenarios to be publically released, or if you do not have all the data needed to run them, please contact your AIR representative to learn about our available consulting services. Drawing from our unique data resources, AIR can enhance even the most limited data sets. Through consulting arrangements, you can gain new insights and understandings and incorporate them into your book of business.
AIR is honored to have been nominated for the 2016 Advisen Cyber Risk Award for Innovation of the Year (AIR - Verisk Cyber Exposure Data Standard, a cross-market and open source cyber exposure data format), in recognition of our data standards and open source scenarios. Show your support for these open source cyber solutions by requesting a free ballot from the Advisen awards website and casting your vote.