Contact Us
logo image

Quantify Risk with Cyber Modeling

Moody's RMS Cyber Solutions use the latest cyber risk analytics and most current cyber risk data to quantify the risks of this dynamic peril helping you make sound underwriting, portfolio management, and risk transfer decisions.

Improve Cyber Pricing

Our financial model is calibrated for cyber risk using econometric data, robust modeling of threat factors, and our Cyber Incident Database (which includes data on millions of attacks).

Understand Market Position

The Moody's RMS Cyber Economic Exposure Database enables you to understand your relative market share and account for annual fluctuations in the U.S. cyber market.

Manage Risk Effectively

Stay ahead of the competition with the cyber risk model that helps you intelligently underwrite, diversify, and manage both catastrophic and attritional cyber risk.

Key Cyber Model Features

The comprehensive Moody's RMS cyber risk model supports (re)insurers’ end-to-end cyber risk management.

State-of-the-Art Modeling Cyber Modeling

Reflects current cyber risk assumptions, insights, and research into the underlying causal processes that impact both digital assets and operational technology.

Data Enrichment

Improve cyber model accuracy by backfilling missing exposure characteristics with a global database of over 11 million companies.

Price the Risk

Price individual cyber risks and reliably measure tail risk. At its most granular, Moody's RMS Cyber Solutions resolves down to the account level, while consistently scaling to produce full portfolio analytics.

Cyber Modeling Customization

Incorporate your own view of risk alongside the existing cyber risk model by adding user-defined alternative model parameters and adjusting the model’s severity.

Get a Complete View of Cyber Risk

The increasing risks posed by cyber attack, security breaches, and cyber threat make it critical that insurers have a complete view of potential vulnerabilities and exposure aggregations. Moody's RMS cyber risk models assess attritional risk (one-off), large event, and catastrophic event losses for a comprehensive perspective and the ability to improve risk selection and pricing. The Moody's RMS financial model is calibrated using econometric data, robust modeling of factors, and our Cyber Incident Database which includes data on millions of attacks. 

Moody's RMS solutions model a range of sub-perils, including data breach, cloud service provider failure, denial of service (DDOS), contagious malware, and ransomware. Our cyber risk models are regularly updated with new features and functionalities, as well as the latest attack information to help our clients optimize portfolios. With cyber expert insights, Moody's RMS clients can maximize growth and manage exposure by having fast access to the most useful data for measuring cyber risk, including silent cyber risks, key return period losses, and tail event impacts. 

Read More Read Less
cyber

Cyber Risk Modeling: Buyer’s Guide

As cyber risk continues to rapidly evolve, it can be challenging to decide which modeling approach best captures the risk and fits your needs. The Moody’s RMS Cyber Solutions buyer’s guide can help you ask the right questions so that you can start quantifying your cyber exposure, uncovering loss drivers, and maximizing capacity.

Learn More

Related Cyber Solutions

Moody's RMS Cyber Solutions offer a full range of cyber risk modeling, quantification and management solutions to help (re)insurers regardless of the maturity of their cyber business.

Professionals using cyber modeling solutions

Underwriting Solution

Moody's RMS Cyber Solutions Underwriting enables effective pricing of affirmative cyber risk contracts. Using the same modeling engine as the portfolio management application to ensure consistency and compatibility, this tool leverages hundreds of thousands of real-world cyber incidents to provide the most current representation of an ever-evolving threat.

Building scape emphasizing importance of cyber modeling for property portfolios

Portfolio Management Solution

Moody's RMS Cyber Solutions Portfolio Management facilitates portfolio optimization and the setting of capital requirements, effectively capturing both affirmative and silent cyber risk within your book.

Digital depiction of Moody's RMS cyber industry exposure database

Moody's RMS U.S. Cyber IED/EED

Get a broader view of risk through the Moody's RMS® U.S. Cyber Economic Exposure Database (EED) and Moody's RMS® U.S. Cyber Industry Exposure Database (IED) to support applications from business strategy to risk transfer.

Experienced professionals helping with cyber risk modeling and management

Cyber Consulting Services

Regardless of your size, Moody's RMS offers a wide range of consulting services and modeled outputs to assist (re)insurers with quantification, management, and operationalization of cyber risk.

Cyber risk solutions and insight from industry experts

Thought Leadership

From publications to cyber events to working with a range of cyber experts, Moody's RMS brings the latest research and understanding of cyber risk modeling to the insurance market.

Key cyber risk modeling terms

Software and Models

The Moody's RMS Cyber Solutions applications offer full access to comprehensive cyber risk models, a standardized cyber exposure data schema, configurable analysis profiles, results data, and reporting.

Spotlight

Teal Bg
Visual depiction of risk in the cyber world

A Cyber Model You Can Trust

Moody's RMS Cyber Solutions provide a transparent, flexible framework to analyze exposure and validate loss results across affirmative and silent cyber insurance policies, including property, liability, business interruption, reputational damage, environmental damage, breach of privacy, and data and software loss coverage. The intuitive interface provides streamlined data management and seamless access to analytic insights including open access to all underlying data and modeling assumptions.

Customer Success Story Improved Cyber Risk Assessments

Customer Success Story: Improved Cyber Risk Assessments

A global insurer wanted to better understand what factors were driving their cyber losses. They had previously developed an in-house model, but critical firmographics were not captured and the missing data made it difficult to generate reliable results. The insurer also wanted a single view of cyber risk across their insurance and reinsurance books so they could enhance their cyber risk strategy. 

Read how leveraging Moody's RMS Cyber solutions improved risk selection and portfolio management.   

Read More

Beyond Cyber as a Coverage

The core Moody's RMS cyber risk models can be used to quantify cyber risk arising from a range of scenarios for various coverages and categories of exposure. But to gain a complete view of risk, other Moody's RMS solutions can help (re)insurers.

Buildings impacted by terrorism risk
Probabilistic Terrorism Model (PTM)

Terrorism can be conflated with cyber risk – both involve human actors with intent to disrupt loss. Our PTM looks at conventional and non-conventional attack methods.

Learn More
Busy port highlighting the importance of risk solutions for business continuity
Marine Cargo and Specie

Estimate potential losses and risks using a vulnerability model custom-tailored to the uniqueness of the cargo and specie lines of business.

Learn More
Ocean-based oil and gas platform
Offshore Platform

Model hurricane damage to offshore platforms, rigs, wells, and pipelines throughout the Gulf of Mexico.

Learn More

Resources

Back To Start
Cyber
Blog
Cyber is Uncertain, Probabilistic, and Chaotic: It’s Time ...

Cyber risk represents one of the fastest-growing opportunities in the insurance marketplace. The cyber insurance market is set to grow at a compound annual growth rate (CAGR) of 25 percent between 2022 and 2028, to reach a market size of US$28 billion. This outpaces the growth in other insurance lines and represents a net new (and diversifying) revenue stream. But the nascent cyber market is different from long-established natural catastrophe peril markets, which are well understood in terms of loss experien...

link
Cybersecurity
Blog
Log4j Vulnerability and the Complexity of Modeling Cyber R...

The cybersecurity world has turned its focus to the discovery of a vulnerability in Log4j, a Java library for logging error messages in applications. Log4j is widely used in enterprise Java software, from well-known major vendor software applications and services to software developed in-house. Everyday users see Log4j in action when an application generates an error message, alerting the user to the error on screen, logging the error, and in some instances, giving feedback to the software vendor with details ab...

link
Gallagher Re
Publications
An Analytical Approach to Cyber Intelligence

link
Computer code
Blog
Lessons from SolarWinds Breach: How IT Supply Chain Attack...

This article was originally published in Insurance Day - click here to access (subscription required) Cybersecurity company FireEye was the first to reveal how a serious threat actor had hacked their internal network via a compromised SolarWinds Orion application, closely followed by several U.S. government agencies. SolarWinds Orion IT monitoring and management software has over 300,000 customers worldwide, including 425 of the U.S. Fortune 500 businesses, and significant penetration in many U.S. government,...

link
resource
Blog
New Ways of Modeling Property-Liability Clash and Uncoveri...

Natural disasters and other large catastrophes can trigger huge economic losses potentially among multiple insurance lines. RMS, in collaboration with research partner Cambridge Centre for Risk Studies at University of Cambridge, have developed eight template scenarios that model liability clash triggered by natural or man-made catastrophic events. This research was primarily focused on property–liability clash modeling and was the continuation of the two-year Global Exposure Accumulation and Clash (GEAC) pro...

link
Server room
Blog
Succeeding in a Changing Cyber Risk Landscape

Though a relatively new peril, cyber risk is dynamic – and 2020 has certainly been a year of rapid change in terms of the nature of cyber risk. Due to national or state-level COVID-19 lockdowns, employees around the globe left the protective IT bubble at their office buildings to work from home, causing cyber exposure to shift radically for cyber insurers. Research from Stanford University published at the end of June 2020 suggested that 42 percent of the entire U.S. labor force was working from home full time. ...

link
cyber-risk
Publications
Cyber Risk Outlook 2019

The report provides insights into the rapidly evolving world of cyber risk and describes the latest insights from RMS analysts and modelers in collaboration with the Cambridge Centre for Risk Studies.

link
resource
Blog
Quantify Your Silent Cyber Exposure With These Three Steps

In 2017, WannaCry infected computers in over 150 countries across the globe, taking out critical functions such as the National Health Service (NHS) in the U.K. One year later, the NotPetya cyberattack brought many household names to a standstill. The pharmaceutical giant, Merck, was reportedly the source of US$1.3 billion of total impact to (re)insurers from the NotPetya attack, 87 percent of which was considered silent exposure. These two major cyberattacks highlighted to insurance carriers the risk of being e...

link
discusion
Blog
Toward a Science of Cyber Risk

A new article, The Science of Cyber Risk: A Research Agenda has just been published in Science. A free, non-paywall version of this paper is available here. Written by a diverse team of 19 authors, including myself, it presents a concise argument for interdisciplinary research, to establish a scientific basis for risk analysis and management in the cyber security domain. As a leading provider of cyber risk models for the (re)insurance industry, RMS is committed to advancing the state-of-the-art...

link
system hacked
Blog
Cyberterrorism: A Risk Assessment

Technological advances in communications, computing and computer networks are exposing new vulnerabilities that terrorist groups can exploit, making cyberterrorism a potential security concern. The media has extensively discussed this issue, invoking images of massive economic losses and even larger-scale loss of life from a cyberattack executed by a terrorist group. But just how real is the threat that cyberterrorism poses? Fortunately, the fear surrounding this issue outpaces the magnitude of the risk, and in ...

link
schema
Publications
Standardized Cyber Exposure Data Schema

A data schema for a growing cyber insurance market. Cyber Insurance Exposure Data Schema v1.0

link
Contact Us

Find the Right Cyber Risk Models for Your Business

Contact Us
close button
Overlay Image
Video Title

Thank You

You’ll be contacted by an Moody's RMS specialist shortly.

CTA Text