The market for cyber insurance is growing rapidly and there are several initiatives to develop models of cyber risk and tools for cyber risk management decision support.
The Centre for Risk Studies proposed to develop an exposure data schema – a specification for structured information records in a database – to capture cyber insurance exposure in a way that can be standardised across insurance industry participants to:
- Enable models to be developed for cyber risk that will be applicable to multiple users
- Facilitate risk transfer to reinsurers and other risk partners, and risk sharing between insurers
- Provide a framework for exposure-related dialogues for risk managers, brokers, consultants and analysts.
The schema was developed initially through consultation with a small number of development clients and in subsequent stages, where necessary, was expanded to broader industry review.
The previous versions of the data schema are publicly available to allow transparency and insight into the development process. The schema was intended to capture the main lines of business affected, with key attributes that are relevant to accumulation management, and that will map to losses resulting from cyber scenarios.
This data schema is intended to be agnostic to the type of model and account management system being used, to facilitate analysis broadly, and expand the cyber insurance industry.
This report sets out an updated version of the schema incorporated the feedback received by the Centre. It sets out the consensus principles for the schema, the structure and the proposed tables and definitions of the components.
Cyber Exposure Data Schema V0.9
The third consultation document for the development of a standard data schema for managing cyber exposures, incorporating feedback from previous consultation rounds.
Cyber Exposure Data Schema V0.5
The second consultation document to develop a standard data schema for managing cyber exposures. Includes market practice review.
Cyber Exposure Data Schema V0.1 Principles
The first consultation document on the principles for developing a standard data schema for managing cyber exposures.
The development of this schema would not have been possible without the resources applied to the project by the research team at the Centre for Risk Studies, which was made possible by project funding provided by Risk Management Solutions. (RMS); Amlin; Aon Benfield; Axis Capital; Barbican Insurance Group; Canopius Managing Agents; RenaissanceRe; Talbot Underwriting; and XL Catlin.