Better modelling and pricing metrics are needed before the insurance-linked securities (ILS) marketplace exposes itself to the growing cyber risk transfer space, according to Florian Heimann of AIR Worldwide.
Speaking at Guernsey Finance's annual ILS Insight event in Zurich, Mr Heimann said it would take time for ILS managers to become comfortable with cyber modelling.
"Cyber is a pretty new peril and, in contrast to natural catastrophe models, people are simply not used to it yet," said Mr Heimann.
"Natural catastrophe models have been used extensively for more than 15 years and people feel comfortable with assessing their risks based on those models. For cyber, this comfort is in the process of building up, and I would guess something that has to build up slowly."
Mr Heimann noted that there is data on 23,000 data breach events – more than 20 times the amount available on storm or hurricane events in the US - so this certainly helped when looking to develop models. However, he reminded the audience that it was somewhat unfair to directly compare the two as you could not just depend on historical events to inform the cyber models to assess the actual risk.
"The pretty straightforward geographic aggregation that can be applied in natural catastrophe models, cannot be applied in cyber models," said Mr Heimann.
"If you have one house destroyed by a hurricane, chances are pretty high that the house next door will be affected by the same hurricane. For cyber, you would need to aggregate by more complex and more abstract features. Things like which operating systems are used, or on which third party providers do you depend?"
Heimann was speaking alongside fellow panellists Scott Mitchell of Secquaero-Schroders, Jonathan Davies of Aon Benfield and Stewart McLaughlin of White Rock Insurance Company PCC. All agreed that cyber risk represented an opportunity for the ILS marketplace.
Mr McLaughlin said the insurance market had to continue to innovate and cyber – although a broad area – was a risk it needed to deal with.
"I spoke to an insurance company a few weeks ago and when you say cyber, they have actually broken it down into 12 discrete risks. So, I think we are working to actually define what cyber is and to put it into discrete risks and to model those particular risks," said Mr McLaughlin.
Guernsey Finance will be following up its successful ILS Insight event by hosting the annual Guernsey Insurance Forum in London on Thursday 5 October. The event will also be focusing on the world of cyber risk with former head of the FBI's Cyber Division, James Trainor, confirmed as keynote speaker. Now Senior Vice President within Aon's Cyber Solutions Group, Mr Trainor played a critical role in developing the FBI's national strategy to combat cyber-crime.
For more information about Guernsey's finance industry please visit www.guernseyfinance.com.www.guernseyfinance.com
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.