Assessment of risks in cyber insurance
Duration: 60 minutes
A cyber risk assessment is, by its very nature and extent, dependent upon threats (e.g. by actors and the attractiveness of the organisation as a target), potential loss scenarios (e.g. by mere impact or legislation and jurisdiction), the activities of the insured party (industry sector) and coverage related specifications (content and limits, reinsurance). A methodology for cyber risk assessments can follow different approaches, but they are almost always based on an international standard for information security.
The Munich Re approach takes two dimensions into account: exposure and information security. The identification and evaluation of level of information security follows the globally available and internationally accepted standard for information security management systems (“ISMS”), as available in the ISO 27k family and published by the International Standardization Organization.
- Introduction into the methodology of cyber risk assessment
- Identification and evaluation of cyber exposure
- Identification and evaluation of information security
- Spot on tools for cyber risk assessment
- Spot on further underwriting aspects