Assessing and Reinsuring Cyber Risks in Reinsurance Seminar
This presentation delves into the intricate world of cyber risks, exploring the evolving landscape of cyber insurance, unique challenges in modeling cyber threats, and future considerations. Join Dr. Raveem Ismail on a fascinating journey through the realm of cyber risk assessment and reinsurance strategies.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
A PRESENTATION TO CAS 2015 Reinsurance Seminar Assessing & Reinsuring Cyber Risks Dr Raveem Ismail DPhil, MSc by Research, MPhys (Oxon), MInstP Ariel Re (Bermuda) raveem.ismail@arielre.com
Relevant background Oxford. Physics and Atmospheric Physics (microphysical modelling, volcanoes, aviation emissions, cirrus cloud). Exclusive Analysis (now part of IHS). Political Risk/Violence consulting. Aon Benfield. Terrorism Model Lead. Validus/Talbot. Terrorism & War Underwriting Analyst. Ariel Re. Specialty Treaty Underwriter. 2
The cyber insurance market Not new. Exclusions: NMA 2914, NMA 2915, CL 380. Lloyd s risk code CY in 2013. No longer purely an FI / privacy hacking issue. Focus now: malicious cyber, and BI not just PD. 3
Attributes The parallels with natural hazards do not hold. Exposure is rapidly changing, and is connected in hidden ways: non-geographic accumulation*. The parallels with physical assets do not hold either. Self-certification is not an option! Therefore difficult to model: The current state of cyber modeling is like trying to use the count of arrests for a crime to figure out the dollar losses from theft. They are related, but not in all the ways you want **. * http://www.gccapitalideas.com/2014/10/21/costs-of-cyber-attacks/ ** http://www.riskandinsurance.com/cyber-risk-models-remain-elusive 4
A few cyber developments Internet Of Things (IOT). E.g., surgical devices*. Hacking even air-gapped (physically isolated) networks, systems and devices possible. Many sophisticated actors. Including governments**. Post-Snowden behavior changes: minimal/non-existent***. Potential catastrophes: aeroplane hacking^, Equation Group^^. * http://money.cnn.com/2013/04/08/technology/security/shodan/index.html , http://www.technologyreview.com/view/537001/security-experts-hack-teleoperated-surgical-robot/ ** http://www.bbc.com/news/uk-28623365 *** http://cacm.acm.org/magazines/2015/5/186025-privacy-behaviors-after-snowden/fulltext ^ http://www.wired.com/2015/04/twitter-plane-chris-roberts-security-reasearch-cold-war/ , http://arstechnica.com/security/2015/05/alleged-plane-hacker-said-he-pierced-boeing-jets-firewall-in-2012/ ^^ http://arstechnica.com/security/2015/03/new-smoking-gun-further-ties-nsa-to-omnipotent-equation-group-hackers/ , http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/ , http://www.kaspersky.com/about/news/virus/2015/equation-group-the-crown-creator-of-cyber-espionage 5
Thoughts for the future Not an opportune point in the insurance cycle. Yet to see a credible cost-effective accumulation method and auditing process for insureds. Loss experience needed. Work with governments and credible third parties. Data, when it comes, should come quickly. 6
