Cowbell, the provider of cyber insurance for small and medium-sized enterprises (SMEs), has released a new whitepaper, “Modeling Catastrophic Cyber Events”, which lays out a path to model catastrophic cyber events in the SME market.
Cowbell’s goal is “to help SMEs prevent and recover from a cyber event of catastrophic proportions, providing a framework for modeling such events.”
While systemic events such as the 2008 financial crisis and the COVID-19 pandemic have impacted SMEs, there has “not yet been a systemic cyber event with a widespread catastrophic impact.”
Cowbell’s whitepaper “outlines existing risks, advises SMEs on how to shore up their cyber defenses, and explores how data can help inform catastrophic (CAT) modeling in case of an unprecedented cyber event.”
SMEs are “foundational to the health of the U.S. economy, creating nearly two-thirds of new jobs and accounting for 44% of U.S. economic activity.”
Understanding and quantifying catastrophic cyber events in the SME market is critical to unlocking the capacity “required to address market demand and protect against devastating attacks.”
Dan Palardy, lead actuary at Cowbell, said:
“In 2023, cyber insurance providers will articulate relevant models for catastrophic cyber events in the critically important SME market. We are proud to lead the charge. With Cowbell’s accumulated insights into the behavior of the SME market over the past three years, we are uniquely positioned to help narrow and mitigate the impact of catastrophic cyber events in our market. We’re excited to share this whitepaper that paves the way for the future of CAT modeling.”
Analyzing data and insights from SMEs and analyzing the vulnerabilities of the broader SME cyber ecosystem and their interconnections will “result in more accurate quantification of cyber systemic risk.”
Cowbell is paving the path “to evaluate catastrophic events in the SME market while highlighting the differences between systemic risks, catastrophic events and mitigating strategies that are already in place.”
The nature of cyber risk in the SME market “differs from large enterprises, and opportunities for remediation diverge from geographical areas impacted by natural disasters.”
CAT modeling is not “one size fits all” and there “are shortcomings in extending the current models – those applied to natural catastrophes or large enterprises – to SMEs.”
The nature of cyber threats “impacting SMEs makes basic cybersecurity hygiene effective against these threats.”
The more predictable nature of cyber incidents, “compared to natural catastrophes, enables the SME ecosystem to organize and prepare effective responses that diminish the impact of cyberattacks.” Cyber insurance providers can “help narrow the protection gap with clearly defined risk and proactive, augmented underwriting.”