Global Economy Resilient to Cyberattacks, But Major Events Pose Significant Risk: CyberCube

A recent report by cyber risk analytics provider CyberCube reveals that while the global economy has shown resilience to cyber attacks with minimal financial losses experienced so far, the analysis of near-miss events suggests a significant risk of far larger losses in the future.

Source: Reinsurance News: Akankshita Mukhopadhyay | Published on June 7, 2023

Howden launches Cyberwrite

A recent report by cyber risk analytics provider CyberCube reveals that while the global economy has shown resilience to cyber attacks with minimal financial losses experienced so far, the analysis of near-miss events suggests a significant risk of far larger losses in the future.

In the comprehensive study, CyberCube examined over 100 global cyber aggregation events with catastrophic potential that occurred over the past six years, averaging approximately one event every three weeks.

The cybersecurity community managed to resolve the majority of these events with minimal financial impact on insurers. Nevertheless, CyberCube warns that the observed near-miss events indicate the possibility of much larger losses in the future.

The findings of the report have been incorporated into CyberCube’s software-as-a-service solution, Portfolio Manager Version 5 (PMv5).

This cyber risk modeling platform enables stress testing of portfolios against various systemic cyber-related scenarios, including data breaches, cloud outages, and global ransomware attacks. By utilizing PMv5, the (re)insurance industry can identify potential risk accumulation areas and drivers of loss.

Originally launched in March 2018, Portfolio Manager has become the industry’s leading probabilistic cyber catastrophe model.

PMv5, the latest release, introduces an “Event Family” structure to scenario classes and updates various model parameters, narratives, and data, while maintaining its robust modeling methodology.

Additionally, the new version empowers (re)insurers to gain a deeper understanding of the impact of cyber-specific policy terms and sublimits through enhanced financial modeling controls.

The industry is actively exploring policy language adjustments to mitigate (re)insurers’ exposure to catastrophic cyber scenarios, which could potentially reduce capital requirements.

CyberCube’s analysis of the CyberCube US Industry Exposure Database suggests that the implementation of stringent widespread event language could reduce the 1-in-100 year US cyber insurance industry loss by up to 65%.

Jon Laux, CyberCube VP of Analytics and report author, said: “Understanding the nature and potential extent of cyber catastrophe risk is absolutely essential for a sustainable cyber (re)insurance market. For PMv5 we reviewed nearly every aspect of our model to provide a coherent view of risk – driven by a combination of deep expertise and data, and organized so results make sense for both technical users and senior decision makers. We hope this model serves as a basis for the critical business decisions the industry needs to make.”

Cody Stumpo, CyberCube Senior Director of Product Management, highlighted the broad updates and improvements incorporated into PMv5. The latest release reflects CyberCube’s latest research and analysis of the current threat landscape, providing a more reliable analysis at all levels of granularity.

Portfolio Manager, with its rigor and analytical flexibility, offers the industry the ability to robustly quantify the financial loss impact of mass aggregation cyber events, Stumpo said.