Reinsurance broker Willis Re on Tuesday launched a tool designed to help insurance companies gauge their portfolios’ exposure to cybersecurity risks, the latest effort to develop a growing market that has nonetheless faced worries about potential pitfalls.
The tool, called PRISM-Re, is meant to help insurance companies understand how much risk they face should they have to pay out for everything from managing a cyberattack crisis to hiring credit monitoring services should private data be breached.
“There’s still a little bit of hesitation (among insurers) about, ‘how do I understand what my overall exposure might be’,” said Alice Underwood, head of analytics for Willis Re North America. Willis Re is the reinsurancedivision of Willis Group Holdings.
“Once there’s a model out there that people can talk about, there’s a benchmark that people can start referencing in their financial transactions,” she added.
Cybersecurity has become a major concern both for companies facing a barrage of attacks as well as insurers trying to figure out how much of that risk they can afford to underwrite.
Last year’s high-profile attack against Sony Corp, for instance, brought that company headlines for everything from pay disparities among its employees to internal critiques about the company’s own movies.
Other attacks have spooked consumers, with retailers Target and Home Depot both reporting the theft of such personal data as credit card numbers in recent years.
A 2014 McAfee study estimated cybercrime cost the global economy anywhere from $375 billion to $575 billion annually.
But the growth of the cyberinsurance market has been constrained by several factors, among them the lack of a risk model to gauge the extent of possible damages as well as the evolving nature of both attacks and defenses.