From The Great Cyber Unknown To The Known

As an advisory board member, and client facing consultant for Corax, I see a wide spectrum of understanding of cyber risk – from huge expectation to bafflement. But there’s a constant theme… “the aggregation is infinite, you can’t manage it, it’ll be the ruin of us all.”

It’s a fair point. I had the same concerns when working with DXC and advising on the cyber space four years ago. A lot has changed since then.

Corax is fulfilling its long-term objective by transforming the cyber space from the unknown to the known. With its new platform being released next month, one of the key new functionalities is multi-performance aggregation.

Some competing vendors have Event Loss Tables (ELTs), but not segmented per event by all the core drivers of loss. This theme of transparency is core throughout Corax, enabling users to understand quickly the profile of an event.

A second addition in the new version is the ability for users to pull out select scenarios from the ELT for scenario aggregation of their portfolio and individual policy. This means the client has two methodologies for aggregation. A fully stochastic approach, or a deterministic realistic disaster scenario (RDS) style review.

Now, none of this is news to the cat modelling fraternity, but sadly there is a shortage of cyber expertise within the insurance industry.With other vendors a client would need to make an event up from scratch, which is difficult for somebody with no experience or expertise in cyber. Instead we allow a client to take out an individual event from our ELT suite, meaning a client can focus on the return period and aggregation of the event to their portfolio, rather than the scientific creation of the event. It’s because of this functionality that Corax is part of the cyber panel working with Lloyd’s to establish a new cyber RDS suite.

If that wasn’t enough, the headline act of the new Corax release is the ability for clients to create their own view of risk within the platform. How is this possible? First users have the ability within the platform to analyse everything – understanding the loss history of events, the profiles of risk, the structure of events, and the allocated return period etc. With this insight, users can then change any parts of the frequency on any select events to create a bespoke ‘client view’.

With great power comes great responsibility. To help support clients with this new paradigm, Corax has a consulting arm that can advise, analyse and deliver diligent bespoke solutions.

This is the first step to clients being able to truly take control of their cyber risk and aggregation, and support an integrated pricing view.

Corax hasn’t created a cyber model, but instead a cyber framework…. Go out and enjoy the new toys!