logo image

Quantify Risk with Cyber Modeling

RMS Cyber Solutions use the latest cyber risk analytics and most current cyber risk data to quantify the risks of this dynamic peril helping you make sound underwriting, portfolio management, and risk transfer decisions.

Improve Cyber Pricing

Our financial model is calibrated for cyber risk using econometric data, robust modeling of threat factors, and our Cyber Incident Database (which includes data on millions of attacks).

Understand Market Position

The RMS Cyber Economic Exposure Database enables you to understand your relative market share and account for annual fluctuations in the U.S. cyber market.

Manage Risk Effectively

Stay ahead of the competition with the cyber risk model that helps you intelligently underwrite, diversify, and manage both catastrophic and attritional cyber risk.

Key Cyber Model Features

The comprehensive RMS cyber risk model supports (re)insurers’ end-to-end cyber risk management.

State-of-the-Art Modeling Cyber Modeling

Reflects current cyber risk assumptions, insights, and research into the underlying causal processes that impact both digital assets and operational technology.

Data Enrichment

Improve cyber model accuracy by backfilling missing exposure characteristics with a global database of over 11 million companies.

Price the Risk

Price individual cyber risks and reliably measure tail risk. At its most granular, RMS Cyber Solutions resolves down to the account level, while consistently scaling to produce full portfolio analytics.

Cyber Modeling Customization

Incorporate your own view of risk alongside the existing cyber risk model by adding user-defined alternative model parameters and adjusting the model’s severity.

Get a Complete View of Cyber Risk

The increasing risks posed by cyber attack, security breaches, and cyber threat make it critical that insurers have a complete view of potential vulnerabilities and exposure aggregations. RMS cyber risk models assess attritional risk (one-off), large event, and catastrophic event losses for a comprehensive perspective and the ability to improve risk selection and pricing. The RMS financial model is calibrated using econometric data, robust modeling of factors, and our Cyber Incident Database which includes data on millions of attacks. 

RMS solutions model a range of sub-perils, including data breach, cloud service provider failure, denial of service (DDOS), contagious malware, and ransomware. Our cyber risk models are regularly updated with new features and functionalities, as well as the latest attack information to help our clients optimize portfolios. With cyber expert insights, RMS clients can maximize growth and manage exposure by having fast access to the most useful data for measuring cyber risk, including silent cyber risks, key return period losses, and tail event impacts. 

Related Cyber Solutions

RMS Cyber Solutions offer a full range of cyber risk modeling, quantification and management solutions to help (re)insurers regardless of the maturity of their cyber business.


Beyond Cyber as a Coverage

The core RMS cyber risk models can be used to quantify cyber risk arising from a range of scenarios for various coverages and categories of exposure. But to gain a complete view of risk, other RMS solutions can help (re)insurers.

Buildings impacted by terrorism risk
Probabilistic Terrorism Model (PTM)

Terrorism can be conflated with cyber risk – both involve human actors with intent to disrupt loss. Our PTM looks at conventional and non-conventional attack methods.

Busy port highlighting the importance of risk solutions for business continuity
Marine Cargo and Specie

Estimate potential losses and risks using a vulnerability model custom-tailored to the uniqueness of the cargo and specie lines of business.

Ocean-based oil and gas platform
Offshore Platform

Model hurricane damage to offshore platforms, rigs, wells, and pipelines throughout the Gulf of Mexico.


Log4j Vulnerability and the Complexity of Modeling Cyber Risk

The cybersecurity world has turned its focus to the discovery of a vulnerability in Log4j, a Java library for logging error messages in applications. Log4j is widely used in enterprise Java software, from well-known major vendor software applications and services to software developed in-house. Everyday users see Log4j in action when an application generates an error message, alerting the user to the error on screen, logging the error, and in some instances,…

Gallagher Re
An Analytical Approach to Cyber Intelligence

Gallagher Re is leveraging a sophisticated actuarial approach to help its clients measure and price underlying cyber risk.

Computer code
Lessons from SolarWinds Breach: How IT Supply Chain Attacks Can Cause Serious Cyber Insurance Losses

This article was originally published in Insurance Day - click here to access (subscription required) Cybersecurity company FireEye was the first to reveal how a serious threat actor had hacked their internal network via a compromised SolarWinds Orion application, closely followed by several U.S. government agencies. SolarWinds Orion IT monitoring and management software has over 300,000 customers worldwide, including 425 of the U.S. Fortune 500 businesses,…

New Ways of Modeling Property-Liability Clash and Uncovering Hidden Risk

Natural disasters and other large catastrophes can trigger huge economic losses potentially among multiple insurance lines. RMS, in collaboration with research partner Cambridge Centre for Risk Studies at University of Cambridge, have developed eight template scenarios that model liability clash triggered by natural or man-made catastrophic events. This research was primarily focused on property–liability clash modeling and was the continuation of the two…

Server room
Succeeding in a Changing Cyber Risk Landscape

Though a relatively new peril, cyber risk is dynamic – and 2020 has certainly been a year of rapid change in terms of the nature of cyber risk. Due to national or state-level COVID-19 lockdowns, employees around the globe left the protective IT bubble at their office buildings to work from home, causing cyber exposure to shift radically for cyber insurers. Research from Stanford University published at the end of June 2020 suggested that 42 percent of the entire…

Cyber Risk Outlook 2019

The report provides insights into the rapidly evolving world of cyber risk and describes the latest insights from RMS analysts and modelers in collaboration with the Cambridge Centre for Risk Studies.

Quantify Your Silent Cyber Exposure With These Three Steps

In 2017, WannaCry infected computers in over 150 countries across the globe, taking out critical functions such as the National Health Service (NHS) in the U.K. One year later, the NotPetya cyberattack brought many household names to a standstill. The pharmaceutical giant, Merck, was reportedly the source of US$1.3 billion of total impact to (re)insurers from the NotPetya attack, 87 percent of which was considered silent exposure. These two major cyberattacks…

Toward a Science of Cyber Risk

A new article, The Science of Cyber Risk: A Research Agenda has just been published in Science. A free, non-paywall version of this paper is available here. Written by a diverse team of 19 authors, including myself, it presents a concise argument for interdisciplinary research, to establish a scientific basis for risk analysis and management in the cyber security domain. As a leading provider of cyber risk models for the (re)insurance…

system hacked
Cyberterrorism: A Risk Assessment

Technological advances in communications, computing and computer networks are exposing new vulnerabilities that terrorist groups can exploit, making cyberterrorism a potential security concern. The media has extensively discussed this issue, invoking images of massive economic losses and even larger-scale loss of life from a cyberattack executed by a terrorist group. But just how real is the threat that cyberterrorism poses? Fortunately, the fear…

Standardized Cyber Exposure Data Schema

A data schema for a growing cyber insurance market. Cyber Insurance Exposure Data Schema v1.0

Cyber Risk Modeling and the Data Skeptics
Cyber Risk Modeling and the Data Skeptics

Cyber modeling is growing up and is now more widely accepted by cyber insurers around the world. Despite the many advances that have improved the model over the past four years, some are still skeptical about cyber modeling, claiming that there’s insufficient data. We believe they’re wrong and that cyber modeling can be used effectively for managing exposure and underwriting. In this webinar, we will take a closer look at the extensive data capture conducted by…

Contact Us

Find the Right Cyber Risk Models for Your Business

close button
Overlay Image
Video Title

Thank You

You’ll be contacted by an RMS specialist shortly.