Oliver Brew

Understanding and predicting human behavior is one of the biggest challenges facing modellers of both pandemics and cyber risk, a new report from CyberCube concludes. According to the report, which sets out to understand the lessons both pandemic and cyber modellers could learn from each other, the potential for political decisions and the public’s response to affect the duration and severity of both types of events is critical to successful modelling. Partnership The report, which includes comments by experts from Munich Re and contributions from pioneering pandemic modelling firm Metabiota, finds that the ways in which modellers represent the complex interactions between human-created risks will be key to building effective models. Even though pandemics originate from pathogens, the report notes, the challenge is how models can illustrate the range of outcomes based on individual and societal reactions that impact the spread of the disease or cyber threat. Viruses, contagion, and tail-risk modelling cyber risk in the age of pandemics, also finds that lack of data is a brake on progress for both types of modellers. Since the start of the twentieth century, there have been fewer than twelve major global pandemics. There have also been very few significant systemic cyber events, although there have been thousands of cyber incidents since the emergence of the Internet and connected technology. This has not provided a wealth of data to assess the potential impact of such events. Methodology and data challenges Oliver Brew, CyberCube’s Head of Client Success, said “It’s clear that lessons can be learnt and applied to cyber risk modelling from understanding how pandemic models have evolved."Even though there are differences between computer and human viruses, parallels are emerging in the modelling "As the COVID-19 pandemic continues, even though there are differences between computer and human viruses, parallels are emerging in the modelling, the methodologies, and the data challenges.” He added “There is real value in learning from interdisciplinary teams in how to balance the needs of accuracy and precision in developing models to meet the market needs. At a minimum, the need for a creative, but reality-based imagination to represent forward-looking risks is critical.” Accumulation risk Dr. Hjalmar Böhm, Senior Actuary, Epidemic Risk Solutions, a dedicated epidemic risk solutions business unit at Munich Re, said “In both cyber risk and pandemics, there is a need to consider accumulation risk. For example, a pandemic is a key consideration for life insurers and a high mortality event could create a significant economic loss.” “A solid approach to controlling accumulation risk exposure needs to be the basis for every business model for epidemic risk insurance.” Pandemic and cyber systems are connected Nita Madhav, CEO of Metabiota, added “There are parallels with modelling the global spread of a disease and how cyber systems are connected - both are network issues. The impact of mitigation risk and early action can potentially make a difference.” “Furthermore, you can be asymptomatic with COVID-19; similarly, you may not know if a cyber intruder has already infiltrated your network.” Conclusion The report concludes that addressing current limitations in data collection will improve the value and insight these models can provide to the insurance and life insurance markets. Another common theme is that both cyber risk and pandemics are unencumbered by geographic boundaries.

C-suite executives will increasingly be targeted by cyber criminals looking for ways of extorting money from large corporations. According to a new report from cyber analytics provider CyberCube, organized criminals and hackers are moving away from ‘high volume, low-value’ methods of attack to, instead, carefully selecting senior managers who have access to organizations’ bank accounts and are in a position to authorize payments. Maximum degree of compliance Criminals are also predicted to use artificial intelligence to construct algorithms that will ‘hunt’ for individual targets while deciding which of their ‘buttons to press’ in order to obtain the maximum degree of compliance. The report, Understanding Ransomware Trends, predicts that criminals will more closely calibrate their ransom demands to an organization’s financial performance, data assets and other measurables. This includes appetite and ability to pay ransoms. Aggressive organized criminal groups Overall, the report contends, the nature of ransomware attacks is changing with greater focus on organizations rather than private individuals. According to figures from cyber security specialist Symantec, the volume of cyber attacks focusing on consumers has fallen from 69% in 2016 to 19% in 2018. In hand with this, payment demands are increasing, rising to millions of dollars in some instances. The nature of ransomware attacks is changing with greater focus on organizations Oliver Brew, CyberCube’s Head of Client Services and one of the report’s authors, said: “The business model for cyber crime is evolving rapidly. Threat actor groups are conducting campaigns and adjusting their models to extract greater value from a smaller number of attacks. Recently, we’ve seen some very sophisticated and aggressive organized criminal groups conduct carefully targeted ransomware attacks, which mark a move away from the traditional high volume, low-value approach.” Forward-Looking view of cyber threats Yvette Essen, CyberCube’s Head of Content, added: “Criminals are realizing that ransom demands of millions of dollars are achievable when the target becomes a corporation rather than lots of consumers. The danger now is that the Coronavirus outbreak is creating the ideal conditions for ransomware attacks to flourish. With widespread working from home, increased internet traffic, increasing use of technology for what were face-to-face transactions, corporations must increase their vigilance.” Darren Thomson, Head of Cyber Security Strategy for CyberCube, said: “Insurers need to take a forward-looking view of cyber threats like ransomware. That’s why CyberCube is investing in research and development necessary to help the insurance industry anticipate how these attacks are evolving. It’s important to remember that the amount of ransomware attacks like Travelex which have gone public are just the tip of the iceberg.”

A lack of historical data and the rapidly evolving nature of cyber threats mean that cyber risk modellers need to be selective in the lessons they learn from natural catastrophe models. According to a new report from market-renowned cyber analytics provider firm, CyberCube, the evolution of natural catastrophe modeling since Hurricane Andrew in 1992 can act as a template for cyber modelers, but only up to a point. Beyond that, cyber modelers need to develop their own solutions. ‘Drawing from the Experience of Nat Cat Modeling’ ‘Drawing from the Experience of Nat Cat Modeling’, highlights three key differences While there are similarities between the two types of models, the report, ‘Drawing from the Experience of Nat Cat Modeling’, highlights three key differences. In addition to a lack of historical data and the rapid frequency with which cyber events are changing, cyber-attacks involve ‘active adversaries’ in the form of criminals or terrorists. These important differences mean that cyber modelers do not have the time or ability to ‘observe, learn and adapt from past data and models’. One key challenge for cyber modelers identified in the report is the need to improve accuracy in this sector in which the past provides limited guidance as to future activity. Enhancing cyber security Oliver Brew, CyberCube’s Head of Client Services and one of the report’s authors, said “There’s a well-known phrase in statistical circles that while all models are wrong, some are useful. Models like CyberCube’s model do not have a predictive line of sight to outcomes but they do aid decision-making, capital planning and a wide range of other factors.” He adds, “For a long time, our sector thought that by studying the way in which nat cat models developed, we could find answers to build better cyber models. What this report shows is that those parallels will only take us so far. The challenge for businesses like CyberCube is to use the tools at our disposal to learn from the past and make informed decisions about the future. The good news is that cyber models are improving rapidly with more useful data sources and faster cloud-hosted processing power.” ‘Categorized and structured’ data The report studied how Hurricane Andrew in 1992 highlighted significant weaknesses in what were then current modeling practices. Yvette Essen, Head of Content at CyberCube, said “Back then, insurers estimated the size of future losses using ‘experience’ data based only on what happened in the past. Actuaries simply adjusted recent history to reflect current trends. Hurricane Andrew helped to prove that past data is a poor gauge for future catastrophe exposure. Previous projections failed to recognize that science indicated unprecedented events were within the realm of reasonable possibility.” Limited volume of ‘categorised and structured’ data on insured cyber losses can hamper cyber models' development The limited volume of ‘categorized and structured’ data relating to insured cyber losses may also hamper the development of cyber models. While there are many sources for information on well-documented cyber incidents, the report notes, these have not translated into a similar volume of useful data that insurers and modelers can utiltize. Cyber risk analytics expert CyberCube delivers renowned cyber risk analytics for the financial and insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s Software-as-a-Service platform helps insurance companies make better decisions when underwriting cyber risk and managing cyber risk aggregation. CyberCube’s enterprise intelligence layer provides insights on millions of companies globally and includes modeling on over 1,000 single points of technology failure. Drawing from the Experience of Nat Cat Modeling is published online and available from CyberCube on the official company website.