In my thirty-plus years working with insurers, this is one of the few genuinely new lines of business that could generate tens of billions of dollars for the industry.

- Peter Ulrich, RMS Senior Vice President and Head of Emerging Risks Division


Understanding Cyber Accumulation Risk:
Maximizing the Cyber Insurance Opportunity

Cybercrime is one of the biggest threats facing businesses today, and mitigating cyber risk is a top business priority. The digital economy has its own characteristics and exposure landscape – very different from the exposure of a traditional portfolio.

Cyber represents a fundamental growth driver for the global (re)insurance industry, but cyber insurance demand significantly exceeds current capacity. Most insurers are cautious about capacity expansion due to the accumulation risk posed.

To grow, insurers need to understand both the risks and risk accumulation potential from this systemic and dynamic cyber threat landscape – a difficult task without a common data standard or mechanism for understanding aggregations of risk.

Developed in collaboration with eight leading insurance partners, the RMS Cyber Accumulation Management System builds on a cyber exposure data schema to capture, store, and report on cyber exposure data within a standardized data framework.

A Common Data Standard

Partnering with the University of Cambridge Centre for Risk Studies, the RMS Cyber Exposure Data Schema offers a standardized approach for identifying, quantifying, and reporting affirmative and silent cyber exposure. The RMS schema captures five key categories of cyber risk, providing a common language and approach needed for understanding and measuring cyber accumulation risk.

Cyber Loss Process Models

Defining a Probable Maximum Loss (PML) for cyber insurance is challenging. With negligible claims history and the absence of a truly systemic "catastrophe" loss, many large insured claims have arisen from a single cause.

RMS has created five loss process models to stress test a (re)insurer’s portfolio, reflecting five key IT-related cyber threats to represent severe but plausible examples of systemic cyber catastrophes.

Flexible Reporting Analytics Engine

The RMS Cyber Accumulation Management System "engine" provides a framework for analyzing exposure and loss results across both affirmative and silent cyber insurance policies.

With out-of-the-box analytics to help support both the understanding of risk accumulations and key drivers of loss from within the scenarios models, the accumulation engine delivers business insight required to set and monitor risk appetite over time.