More Powerful Than Ever: The Fourth-Generation Model of Cyence for Cyber Risk Management

Guidewire Cyence™ Risk Analytics recently announced the general availability of the fourth-generation update to our risk model (Model 4) for Guidewire Cyence™ for Cyber Risk Management. While developing this new model, our team collected additional data and reviewed a significantly larger set of claims. As a result of those efforts, we’ve revised our assumptions to reflect a refined and timely view of the evolving cyber landscape. That landscape will always be marked by a unique set of uncertainties. But the tools, insights, and accumulated knowledge about cybersecurity have all matured since we introduced version 3 of the risk model.

 

In Model 4, we’ve introduced the following new features and enhancements to enable significant benefits for our customers:

  • Evolved sophistication with Ransomware Event Modeling

Ransomware has severely plagued the global economy in recent years. Enterprise IT security has responded to this challenge with better perimeter security, detection mechanism, and staff training for increased awareness. However, insurers are slow to react due to the lack of dedicated analytical solutions to translate this cyber risk into probability and financial measures. In Model 4, we introduce advanced analytics modeling for ransomware to respond to the evolving cyber landscape. Our ransomware scenario is designed to estimate loss origination from a mass business interruption following a ransomware event. In particular, the scenario examines loss estimations from the following two coverage parts of a business entity:

  • Business interruption: time and business income loss, as well as extra expenses 
  • Cyber extortion: extortion payments and forensics
     

 

This advancement expands the parameters of risk evaluation by incorporating the likelihood of a ransomware attack into the broader cyber risk modeling. By having a comprehensive view of cyber risk exposure, insurers can improve their portfolio exposure management, set appropriate limits, and gain the confidence to adapt and succeed in this fast-changing insurance class.

  • Improved model stability and accuracy for Cloud and other major events

Based on recent cybersecurity research and a rigorous analysis of the new data, we’ve recalibrated our model assumptions and projections for major events. At the time we released version 3 of our risk model, widespread cloud adoption was just getting under way. The uncertainties we evaluated at that time have been tempered due to the lack of insurance payouts on recent events and an updated outlook on the risks associated with cloud service providers. While we continue to model events that have never occurred (such as a severe AWS outage), we’ve also evaluated alternative scenarios and adjusted loss projections based on the expertise of our risk-modeling and cyber teams.

The Model 4 assumptions propose a notable impact on projected losses for the millions of companies that we track. For example, projected losses are lower for cloud service provider outages in Model 4 because of the changes that we made in some of the model’s assumptions to reflect the increased maturity of cloud service providers. Cloud service providers are more resilient than ever before, evidenced by a lack of incidents that lead to large outages. The widespread adoption of cloud services and increased competition have resulted in greater stability of services, due partly to lessons learned by major providers, who addressed weaknesses in their infrastructure to enable better reliability and scalability. By factoring in the technological progressions and industry trends, Model 4 enables a more precise and accurate risk assessment for underwriters and informed capital decisions for actuaries, thereby reducing the risk of customer attrition due to over-estimated risk exposure and sub-optimal pricing.

  • Increased model transparency and the ability to explain outputs

Some of the biggest challenges faced by enterprise risk managers are identifying the most meaningful events and being able to explain the model outputs. In Model 4, we’ve adjusted the event definitions so they are more consistent and relevant to risk management. We’ve also enhanced the application’s user interface with the addition of heatmaps for loss analysis and key performance metrics for portfolio analysis by revenue, industry, and geography. Moreover, the availability of the Cyence Help Center provides details about both Cyence for Cyber Risk Management and the Cyence cyber risk models, enabling customers to access and search the latest product information whenever they need it. All of these enhancements empower enterprise risk managers with self-service capabilities to better understand, interpret, and explain Cyence models and outputs.

As always, given the pace of data generation and technological evolution, we’ll continue to reinvent and enhance the Cyence risk model to provide more accurate assessment of 21st-century risk in dollars and probability. Model 4 is a significant step in this journey. It provides the stability, granularity, and traceability of model outputs for users to efficiently report, better explain, and more accurately formulate capital decisions.

To learn more, please contact us here.