Active insurance provider Coalition has released a new model for understanding cyber risk aggregation, serving as a practical framework that provides a detailed view of an organisation’s cyber risks and identifies preventive measures.
The Active Cyber Risk Model was built on Coalition’s proprietary data collection platform and knowledge graph, which captures 48 trillion monthly events. With these tools, it simulates how a singular cyber risk event could trigger a chain reaction resulting in substantial economic losses, illustrating the possibility of nearly $30 billion in total insured losses if an aggregated cyber event occurred.
In fact, a simulation modelled against a sampling of 5,000 American companies found that a one-in-250-year cyber event could cost more than $370 million in losses. When extrapolated across the entire US economy, Coalition said a catastrophic cyber event could cost an estimated $29.8 billion in total losses.
“As the industry continues to dwell on catastrophic cyber events and how best to offer coverage, if at all, one thing remains abundantly clear: cyber risk is insurable,” said Joshua Motta, CEO and co-founder at Coalition. “The insurance industry is uniquely positioned and capable of mitigating and protecting organisations from emerging cyber risks, and we are committed to protecting the hundreds of thousands of customers we serve.”
Coalition informs its new model by monitoring digital technologies and third-party vendors used by its policyholders. These shared technology dependencies, also called aggregation technologies and vendors (ATVs), are what generate aggregate cyber risk.
Using ATV data, Coalition is able to measure and assess the “interconnectedness of technologies and identify where cyber risk aggregates,” a Press release said.
The same release noted Coalition’s plans to utilise the model to identify which companies in its portfolio may be affected by a cyber event.
“More data exists on cyber than any other risk. Using the right tools and systems to measure this risk can dramatically reduce potential impact,” said Shawn Ram, Coalition’s head of insurance. “Unfortunately, we cannot prevent a catastrophic cyber event, but we can measure and contain catastrophic loss.”
What are your thoughts on cyber risk and the role of insurers in protecting organisations from catastrophic cyber events? Feel free to comment below.