Article
5 Questions with Yoshi Yamamoto: Key Takeaways from “The Future of Cyber Insurance” White Paper
At-Bay’s Director of Risk Modeling discusses our publication with Guidewire Software
This week, leading P&C platform Guidewire Software published a white paper with At-Bay titled “The Future of Cyber Insurance: Active Scanning and Continuous Monitoring of Cyber Risk for Improved Loss Ratio.” This co-authored paper quantifies the effectiveness of At-Bay’s risk mitigation strategy and Active CAT Management framework.
We talked to our Director of Risk Modeling and primary author of the paper, Yoshi Yamamoto, to get the details.
1. Let’s Start With The Basics. What’s In This White Paper?
“The Future of Cyber Insurance” proposes a solution to the challenges of insuring dynamic cyber risk: active scanning at the time of underwriting and continuous monitoring over the policy period.
- Active scanning enables risk selection by allowing cyber insurance carriers to determine an organization’s digital assets and overall security posture at the time of underwriting.
- Continuous monitoring helps cyber insurance carriers keep pace with the ever-changing threat landscape and technological evolution of companies.
The paper cites At-Bay’s Active CAT Management (ACM) program, which is At-Bay’s proprietary risk mitigation component applied to Guidewire’s Cyence cyber CAT risk model, as a real-world example of the effectiveness of this type of active, continuous risk monitoring.
Read more about At-Bay’s Active CAT Management approach →
2. What Is The Top Takeaway?
Cyber risk is quickly becoming one of the biggest financial risks to modern businesses.
Cyber insurance carriers can help protect policyholders from loss — and thus protect reinsurers’ investment — by actively managing risk through a program like Active CAT Management. An ACM program that combines cyber CAT risk modeling with continuous risk monitoring can properly estimate aggregate risk with risk mitigation.
3. Can You Tell Us About The Connection Between Guidewire And At-Bay?
Guidewire Software scans millions of companies around the globe each month to quantify their cyber risk, and its data-driven Cyence model can provide us with the loss difference between the general population and At-Bay’s policyholders.
At-Bay utilizes the granular level of Cyence’s output and applies our own risk mitigation component, which is quantified with in-house data from our Active Risk Monitoring service.
This white paper shares how the risk insights provided by Cyence and risk mitigation quantified by ACM drive CAT exposure and Aggregate Exceedance Probability curves down significantly in At-Bay’s portfolio.
4. Can You Explain The Cyber Risk Modeling Behind This Paper?
Cyber risk exists in a dynamic balance between attack and defense. The timeline of both sides matters.
Active scanning allows insurance carriers to notify policyholders of emerging vulnerabilities before they are exploited, helping them implement patches before loss occurs. Our data shows that this is an effective way to prevent cyber CAT loss.
In order to demonstrate the effectiveness of vulnerability patching and proactive mitigation, we computed ground-up losses and downloaded two portfolios from the Cyence platform: a general population and At-Bay’s insureds. We applied ACM risk mitigation to the ground-up losses for At-Bay insureds, then compared those three cases and saw a significant loss reduction for the portfolio with ACM.
5. What Do You Aim To Accomplish With This Publication?
On top of providing insurance coverage, At-Bay helps prevent our policyholders from experiencing cyber attacks. We believe this should be an industry standard for cyber insurers.
We trust that At-Bay’s Active CAT Management framework, modeled in this white paper, can help reduce uncertainty, increase understanding of the actual impact of cyber CAT risk, and push the cyber insurance industry to develop a better standard for risk mitigation.
Click here to get your copy of the paper →
About Yoshi Yamamoto
Yoshi Yamamoto is Director of Risk Modeling at At-Bay, the InsurSec provider for the digital age. He has built a risk modeling team from the ground up that works to design the company’s Aggregation Risk View for the ever-changing cyber landscape. His role supports At-Bay’s high-risk management program standards for underwriting and portfolio accumulation. Before joining At-Bay, Yoshi was Head of Global Risk Modeling and Analytics for Cyence at Guidewire.