Silicon Valley analytics firm FICO today announced that the FICO® Enterprise Security Score is the first cyber security rating to include powerful risk assessment and modelling capabilities to help insurers make better underwriting, pricing and portfolio decisions, and meet profitability targets for their cyber book of business.
With the insurance dashboard, underwriters can embed individualised risk assessment for each policy in their portfolio analysis, including dependency/vendor risks, giving the underwriter the greatest flexibility in modelling various risk scenarios. Using the dashboard, underwriters can:
- Calculate a range of risk metrics, such as probable maximum loss (PML).
- Inject their organisation’s historical distribution information on overall claimable loss and losses in subcategories such as legal fees and crisis management, to determine a much more granular and accurate exposure assessment catered to their market segment.
- Simulate various risk scenarios and model their financial risks under a variety of complex conditions.
- Model both primary insured risk and risk from primary insureds’ fourth-party relationships.
- Review risks at a policy, portfolio and book-of-business level.
- Include historical claim and performance data as well as policy terms into the overall financial picture.
- Model potential failures at common fourth-party vendors, in order to find hidden dependencies across their portfolios.
According to a survey last year, just 32 percent of UK companies have a data breach action plan in place, and only 50 percent change their passwords every three months. A Freedom of Information request in 2018 found that 29 percent of UK councils and local authorities suffered a cyber attack in 2017, with 25 councils reporting a loss of data.
“This is a big step forward for cyber security insurance, which is one of the newer forms of business insurance,” said Doug Clare, who oversees cyber security solutions at FICO. “Just as lenders use the FICO Score to understand risk at the consumer and portfolio level, the FICO Enterprise Security Score shows insurers risk across their cybersecurity book, based on a very detailed, policy-level risk assessment. We’re seeing a lot of interest from insurers in using these powerful tools.”
The FICO® Enterprise Security Score performs a complex assessment of an organisation’s network assets, applies advanced predictive algorithms, and then condenses the results down to a three-digit score that rank-orders based on the odds of breach for the organisation. Companies can use this score to understand and track their own performance, or evaluate the security risk of their vendors and other business partners. FICO’s score is the first in the industry to quantify the risks introduced by 4th parties — a partner or vendor’s vendors. FICO was part of a consortium of industry leaders that developed new guiding principles for cybersecurity ratings.