logo image

Achieved a 20–25 percent reduction in gross loss costs

Enabled better risk selection

Enhanced understanding of which factors were driving cyber losses

The Challenge: Enhance Cyber Underwriting and Exposure Management

A leading global provider of property and casualty (re)insurance wanted to enhance its cyber risk strategy in order to improve risk selection, ensure risk-appropriate pricing, reduce exposure levels, boost market share, and strengthen its cyber position.

The company had developed an in-house cyber risk model to better understand factors driving cyber losses. However, many firmographics critical to pricing cyber risk – such as industry, company size, and jurisdiction – were not explicitly captured in the exposure data, making it difficult to generate reliable results. Additionally, aggregated and incomplete reinsurance books made it challenging to run portfolios through a risk model to identify affirmative cyber accumulations.

The Solution: Integrate RMS Cyber Solutions and Enrich Data

RMS conducted a comprehensive training program with the company’s cyber team to ground them in the use of RMS Cyber Solutions applications. The applications are designed to help users more effectively quantify, manage, and operationalize cyber risk and to establish a single view of risk across primary insurance and reinsurance books.

To address the incomplete exposure data, the native data enrichment tool in RMS Cyber Solutions was used to identify missing and incorrect values and supplement the dataset with accurate, company-specific information. Using the application’s disaggregation engine on the reinsurance books, the company generated a modelable portfolio representative of both locations and coverages. By integrating the client’s available low-resolution exposure and policy data with the RMS cyber industry exposure database, the company was able to conduct much more accurate exposure assessments.

The Outcome: Higher-Resolution Data Enabling a Single View of Risk

By introducing RMS Cyber Solutions applications, the company was able to enhance its overall cyber exposure data – enabling better risk selection, ensuring risk-appropriate pricing, and improving overall portfolio composition.

Embedding high-resolution, accurate information into the underwriting framework enabled the company to improve underwriting profit and achieve a 20–25 percent reduction in gross loss costs across all return periods. In addition, transparent access to the back-end model parameters and assumptions allowed the company to validate its results and understand what factors were driving cyber losses.

Key Results:


  • Achieved a 20–25 percent reduction in gross loss costs across all return periods.
  • Enabled better risk selection
  • Enhanced understanding of which factors were driving cyber losses.



Related Information



Quantify both affirmative and silent cyber risk to take advantage of market opportunity with the RMS probabilistic cyber catastrophe risk model.

Read More

Strategic Consulting and Solution Assessment

RMS consultants help analyze your current risk position, identify opportunities and threats, and uncover ways models can enhance your organization’s risk management.

Read More


Make better risk-based decisions with loss metrics for property and workers’ compensation lines using industry-leading terrorism models.

Read More
Server room

Succeeding in a Changing Cyber Risk Landscape

Though a relatively new peril, cyber risk is dynamic – and 2020 has certainly been a year of rapid change in terms of the nature of cyber risk. Due to national or state-level COVID-19 lockdowns, employees around the globe left the protective IT bubble at their office buildings to work from home, causing cyber exposure to shift radically for cyber insurers. Research from Stanford University published at the end of June 2020 suggested that 42 percent of the entire U.S. labor force was working from home full time. Similar figures were reported for other countries: 46 percent for the U.K. and 35 percent for Germany. It has not been easy for enterprises to accommodate this work-from-home shift. According to analyst Gartner, around 50 percent of businesses with more than US$1 billion revenue were unprepared for their employees to work from home en masse. Applications such as Zoom video conferencing saw a jump from around 10 million users at the start of 2020 to 300 million by the end of April. McKinsey reported that chief information security officers (CISOs) diverted budget to ensuring security for remote workers and any cyber threats they may have faced. Evolving Risk Environment The release of RMS® Cyber Solutions 5.0 ensures our modeling is based on the latest view of risk. At RMS, we have been supporting the (re)insurance community to understand this risk for more than four years – starting with our Cyber Accumulation Management System (CAMS) platform in 2016, which we evolved each year to where we are today. In addition, Cyber Solutions 5.0 includes the launch of the new RMS Cyber Solutions Underwriting application as well as a significant update to the RMS Cyber Solutions Portfolio Management application. What has the shift to home working meant for cyber risk? Looking at email, the volume of fraudulent and malicious emails has increased, with criminals exploiting COVID-19 fears to trick users to click on misleading web links. Vulnerable home workers are being targeted with phishing emails to garner sensitive information. For infrastructure, risks have increased due to use of home devices to log onto corporate networks, and a lack of secure network access. And the familiar threats remain, as data exfiltration and data breaches continue unabated with healthcare, public sector, and NGOs being targeted. Ransomware activity has seen a significant uptick. Insurer Beazley reported a 131 percent year-on-year increase in ransomware attacks, and average ransom payments were up a third to over US$110,000 for larger enterprises, according to Coveware. Whereas contagious malware is more constrained by the ability of threat actors to develop and weaponize exploits, for ransomware, established “exploit kits” and “ransomware as a service” provides a quicker and easier route to payment. Ransomware attacks in 2020 have impacted fitness brand Garmin, with a multimillion dollar payment, and multiple healthcare providers including an attack on four hundred Universal Health Services locations which affected emergency room systems. RMS Cyber Solutions modeling framework reflects these landscape changes. New Parametrization for Japan With RMS Cyber Solutions 5.0, we have extended the “out-of-the-box” global parametrization to eight major markets with the inclusion of Japan. It is now a specifically modeled country with its own set of rates and costs that have been determined through significant research of cyber events, infrastructure, and insurance in Japan. Simulation Framework To get a full distribution along the exceedance probability (EP) curve for metrics such as 100-year return periods and year loss tables (YLT), you need to simulate over tens of thousands of years of potential events. The new simulation framework in our cyber model offers a more robust and intuitive approach, simulating events directly onto a timeline. This framework allows you to drill into the rates and costs to see which events contribute to the loss, such as malware or a cloud outage, as well as the key drivers of that loss. This depth of insight allows users to make informed decisions for their business such as: grow/shrink, portfolio optimization, reinsurance strategy, and capital allocation. All of this is within the transparent and open framework you would expect from RMS, allowing you to query results however you choose, examine the drivers of loss, validate model assumptions, and change parameters as you see fit. Underwriting Solution Cyber Solutions 5.0 introduces our new RMS Cyber Solutions Underwriting application as a separately licensable product. It is designed to deploy our modeled insight at the per-risk level, helping affirmative cyber insurance underwriters technically price risk in a consistent and profitable fashion. This pricing approach is consistent with the RMS Cyber Solutions Portfolio Management application. The model explicitly prices for catastrophe load and leverages the Cyber Incident Database, curated and sourced by RMS, with over 100,000 data breach events plus over 100,000 ransomware events (as well as numerous cloud and DDoS events).  Both the underwriting application and the portfolio management solution within RMS Cyber Solutions 5.0 support integration with a variety of industry-leading cyber risk scoring vendors. This allows you to drill into the specific “technographic” aspects of an individual risk and refine your pricing further. These are only a few of the many upgrades to RMS Cyber Solutions that are now available in version 5.0. With the new model reflecting the latest risk landscape, combined with effective tools to analyze, manage, and price cyber risk, model users can move forward with greater confidence managing this ever-changing peril.

Read More
cyber brocheure

Cyber Brochure

Understand your global exposure to cyber risk with RMS Cyber Consulting Services

Read More
Advanced Risk

See How RMS Helps Customers Outperform

close button
Overlay Image
Video Title

Thank You

You’ll be contacted by an RMS specialist shortly.