skip to navigation skip to content
 

Cyber Exposure Data Schema (v0.9)

The market for cyber insurance is growing rapidly and there are several initiatives to develop models of cyber risk and tools for cyber risk management decision support. 

Overview

The Centre for Risk Studies proposed to develop an exposure data schema – a specification for structured information records in a database – to capture cyber insurance exposure in a way that can be standardized across insurance industry participants, to:

  1. Enable models to be developed for cyber risk that will be applicable to multiple users, 
  2. To facilitate risk transfer to reinsurers and other risk partners, and risk sharing between insurers
  3. Provide a framework for exposure-related dialogues for risk managers, brokers, consultants and analysts. 

The schema was developed initially through consultation with a small number of development clients and in subsequent stages, where necessary, was expanded to broader industry review. It was intended to capture the main lines of business affected, with key attributes that are relevant to accumulation management, and that will map to losses resulting from cyber scenarios. 

This data schema is intended to be agnostic to the type of model and account management system being used, to facilitate analysis broadly, and expand the cyber insurance industry. 

This report sets out an updated version of the schema incorporated the feedback received by the Centre. It sets out the consensus principles for the schema, the structure and the proposed tables and definitions of the components. 

Acknowledgements

The development of this schema would not have been possible without the resources applied to the project by the research team at the Centre for Risk Studies, which was made possible by project funding provided by Risk Management Solutions. (RMS); Amlin; Aon Benfield; Axis Capital; Barbican Insurance Group; Canopius Managing Agents; RenaissanceRe; Talbot Underwriting; and XL Catlin.