RMS and AIR Worldwide are working to build new risk models focused on the digital space
Two risk modeling companies serving the insurance industry are beginning to focus more heavily on the digital world, hoping to form better cyber attack risk models. RMS and AIR Worldwide have seen the risks in the digital world escalate over the past several years. These risks are becoming more prominent and the majority of the insurance industry may not be able to tackle these risks appropriately with existing, outdated risk models.
Recent cyber attacks highlight the need for better insurance products
The recent cyber attack against Sony, which leaked a massive amount of information concerning the company’s productions, as well as the information of customers and its employees, highlighted the vulnerabilities that exist in the digital space. While large companies like Sony have cyber insurance coverage to protect against such attacks, these insurance policies are not necessarily able to cover all the damage that can be done by a major cyber attack. This is because the insurance industry lacks the needed risk models to design protective products.
Total cost of cyber attacks throughout the world could be as high as $575 billion annually
A study released by the Ponemon Institute and IBM earlier this year found that the average cost of a cyber attack in the United States was $5.9 million. This cost is the estimate of modest attacks that have limited damage on a company and its customers. Major attacks can be far more costly. Current estimates suggest that the attack against Sony could cost as much as $100 million. A study from McAfee suggests that the financial damage that cyber attacks do to the global economy can be as high as $575 billion a year.
New risk models could allow the insurance industry to provide better protection
New risk models may be able to help the insurance industry offer better protection to businesses around the world. The industry has been working to better understand the digital world and the risks that exist therein for the past 15 years. Many insurers are still trying to understand these risks and, as such, cannot offer adequate protection to those concerned with cyber security.