Cyber Insurance Analysis

Portfolio Exposure Management
Cyber Underwriting & Risk Selection
CRIMZON™

Portfolio Exposure
Management

Stress Test Cyber Risk Accumulation Scenarios

Meet Board & Regulatory Compliance Requirements
Meet Board & Regulatory Compliance Requirements
Validate and Modify Cyber Underwriting Guidelines
Validate and Modify Cyber Underwriting Guidelines
Monitor Cyber Capacity
Monitor Cyber Capacity
Assess Capital Management Strategies
Assess Capital Management Strategies
Determine Reinsurance/ Retro Coverage Needs
Determine Reinsurance/ Retro Coverage Needs

Key Advantages

Portfolio Exposure
Management plaformLearn more
Proprietary Cyber Catastrophe Modeling Framework

Proprietary Cyber Catastrophe Modeling Framework

Our framework is based on an extensive analysis of the characteristics of historical cyber risk events including triggers, propagation and impact. The framework uses Kovrr’s proprietary event catalog with more than 100,000 synthetic events for loss simulation which vary from cloud provider outage in a specific territory to massively distributed global ransomware attacks and other tail events.

Multi model quantification

Multi-Model Loss Quantification

Detailed event catalog provides a full view of risk, allowing view of loss by category - catastrophic loss events, large loss events, and attritional loss events.

Visibility into Potential Accumulations and Tail Events

Visibility into Potential Accumulations and Tail Events

Achieve clear visibility to probable maximum losses due to potential large loss and catastrophic cyber events. Leverage Kovrr’s impact based modeling framework to assess known knowns and known unknowns by applying probabilistic and deterministic cyber risk scenarios, including Lloyds RDS.

Insights into New Emerging Vulnerabilities

Insights into New Emerging Vulnerabilities

The Kovrr platform reflects emerging exposures and allows (re)insurers to control risk accumulation by notifying them when pre-defined risk thresholds are crossed. 

Silent Risk Exposure

Silent Risk Exposure

Gain visibility to risk associated with potential cyber triggered claims within any commercial P&C insurance book.

Monitoring Portfolio Aggregations

Monitoring Portfolio Aggregations

Calculate aggregated exposure to cyber risk in your portfolio while taking into account systemic risk stemming from different types of policies within various lines of businesses. 

Stress Test any P&C Portfolio Against Cyber Catastrophes

Stress Test any P&C Portfolio Against Cyber Catastrophes

(Re)insurers can assess their cyber exposure in any type of (re)insurance’s book using a list of predefined scenarios, both historical and synthetic. They can also custom build their own scenarios. For example, a reinsurer can quantify the exposure of its commercial property book to a large scale business interruption event such as the NotPetya ransomware attack.

Cyber Underwriting
& Risk Selection

Predict & Price Cyber Risk

Quantify Cyber Risk for New and Existing Insureds
Quantify Cyber Risk for New and Existing Insureds
Grow your Cyber Book while Maintaining Profitability
Grow your Cyber Book while Maintaining Profitability
Operationalize Cyber Risk Management
Operationalize Cyber Risk Management
Monitor Pricing Strategies
Monitor Pricing Strategies
Cyber Risk Quantification (CRQ)

Cyber Risk Quantification (CRQ)

Asses potential economic impact, insured annual average loss (AAL), and probable maximum loss (PML) broken down by coverage.

Contextual Actionable Underwriting Insights

Contextual Actionable Underwriting Insights

Understand the projected insured attritional and large loss of specific risk scenarios such as data theft, denial of service, ransomware, extortion, etc. Kovrr helps insurers segment customers and diversify their book via analysis of a company's use of commercial software, geography, third party services and susceptibility to a cyber attack.

Efficient Prospecting

Efficient Prospecting

Pinpoint potential clients for cyber insurance within your existing P&C portfolios.

Comprehensive Data Acquisition & Augmentation

Comprehensive Data Acquisition & Augmentation

Shorten or eliminate the questionnaire process by augmenting missing information, validating provided data and cutting out questions from the insurance application. Power digital rate-quote-bind portals.

CRIMZON™

Cyber Risk Impact Zones

Download the framework in order to measure & understand your catastrophic cyber risk exposure.


CRIMZON1

What is CRIMZON™? 

Cyber Risk Impact Zones (formerly known as CRA-Zones) were established to provide an easy to use open framework to measure and understand catastrophic cyber risk exposure. The Crimzon framework defines the minimal elements needed to provide a view of aggregated  cyber exposure. CRIMZON allow for analysis across multiple portfolios of risks and monitoring of exposure trends. The framework was also created to support regulatory efforts for setting a standard for data collection for cyber exposure management.

For natural catastrophe risk, individual policy exposures can be aggregated within geographic zones. Similarly, cyber exposures can be aggregated using Crimzon. Geographic location is still important when assessing cyber catastrophe risk, however, two additional elements must be taken into account to properly assess cyber risk aggregation - industry sector and company size.  The foundation of the Crimzon is built on acquired historical data and continuous analysis of millions of cyber incidents worldwide.

Analysis has shown a significant correlation between companies from the same location and industry tending to use the same third-party service providers and technologies, leaving them exposed to corresponding cyber attacks. Additionally, the analysis demonstrated that entity size has a direct correlation to technologies used, cyber preparedness, security policies, cybersecurity spending, and level of sophistication of cyber attacks.

Download Framework

What are the elements of the CRIMZON™?

Location

Location

Country level worldwide and state granularity in the US -based on the ISO-3166 Alpha-2 standard.

Industry

Industry

Industry classification breakdown based on the SIC classification system with additional granularity options. 

Size

Entity Size

Four categories based on commonly used revenue bands.

Download Framework

CRIMZON Data Granularity

The framework is built to accommodate users with various levels of data. In cases with insufficient data,  an automated data extrapolation technique can be applied for cyber exposure analysis using Crimzon.
 
Zones can be viewed with low or high granularity. The views are built to accommodate the ability to use the platform despite varying quality of data within a group of risks

Low Granularity

Location
243 Countries
Industry
10 Divisions
Company Size
4 Revenue Band Size Classifications
Number of Zones
9,729

High Granularity

Location
243 Countries + 57 US States & Territories
Industry
10 Main divisions + 83 Subdivisions
Company Size
4 Revenue Band Size Classifications
Number of Zones
99,268
CRIMZON3

Advantages of implementing
CRIMZON™

Open framework - No need to license a model
Understand  your cyber risk accumulation
Facilitate portfolio risk diversification
Easily track portfolio aggregation trends
Gain a view of risk that reflects risk accumulation across multiple portfolios
Download Framework

Benefits of Applying Additional Data Layers on CRIMZON™

Detect correlation between risk accumulation & cyber attacks trends
Monitor compliance with defined risk appetite 
Support regulatory reporting obligations 
Financially quantify probable maximum loss (PML) events
Benchmark to average losses and average industry exposure per zone 
Download Framework
CRIMZON2

CRIMZON™ Coding System

CRIMZON5

*United states_Virginia_Services_Business Services_Large Company

Download Framework

Example Portfolio

CRIMZON4

Want to learn more about CRIMZON™?

Get in touch!