Risk Management Solutions Inc. (RMS) announced on Tuesday that it has released its Cyber Accumulation Management System, which includes a new software system and framework for cyber exposure reporting, in addition to a suite of cyber catastrophe scenarios for loss modelling.
The system was developed with consortium of cyber insurers, and in collaboration with the Centre for Risk Studies at Cambridge University, RMS said in a press release. The initiative was supported by Amlin Plc, Aon Benfield, AXIS Capital, Barbican Insurance Group, Canopius Managing Agents Ltd. and SJNK Inc., RenaissanceRe Holdings, Talbot Underwriting and XL Catlin.
An accompanying report, titled Managing Cyber Insurance Accumulation Risk, setting out a comprehensive framework for managing accumulation risk, has also been published.
The launch of the system follows the publication in January of the Cyber Exposure Data Schema, developed in collaboration with the Centre for Risk Studies and with the support of the aforementioned insurers and reinsurers. The schema sets out the data requirements for the Cyber Accumulation Management System.
“While many insurers see cyber as a growth opportunity they are cautious of scaling their limits and increasing their exposure because, rightly, they’re concerned about accumulation – what happens if many of their insureds are impacted in a large-scale ‘cyber catastrophe’?” asked Andrew Coburn, senior vice president of RMS. “To prudently increase capacity for cyber insurance, insurers need to first understand both their cyber accumulation and correlations.”
Assessing the Probable Maximum Loss for cyber is a key determinant for an insurer to set its risk appetite, enabling firms to understand the potential size of cyber catastrophes. Without an ability to set a PML, insurers are compelled to assume a conservative approach, limiting their capacity and reducing the efficiency of their capital management, RMS said in the release. To address this, the system provides insurers with the “framework to organize and structure their data, in addition to five cyber loss models that enables insurers to stress test their portfolios against a range of cyber loss methods.” [click image below to enlarge]
Hemant Shah, CEO and co-founder of RMS, added that the launch of the Cyber Accumulation Management System is “not only an important first step in furnishing our clients with the models and tools to safely grow capacity for this line of business, it also helps to create a fundamental opportunity for the industry to increase its relevance in a rapidly changing economy.”
Simon Ruffle, director of technology research and innovation at the Centre for Risk Studies, said that the centre’s research has identified the insurance coverage categories that are “most susceptible to systemic cyber events, and revealed these categories are not only present in affirmative cyber insurance products but extend to silent exposures in ‘all risks’ policies covering property and casualty without explicit cyber exclusions.”
These categories include, among others, breach of privacy events; data and software loss; network service failure; business and contingent business interruption; and incident response costs.