Actuarial Outpost
 
Go Back   Actuarial Outpost > Actuarial Discussion Forum > Property - Casualty / General Insurance
FlashChat Actuarial Discussion Preliminary Exams CAS/SOA Exams Cyberchat Around the World Suggestions


Fill in a brief DW Simpson Registration Form
to be contacted when new jobs meet your criteria.


Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 04-01-2018, 04:03 PM
TDH TDH is offline
Member
CAS Non-Actuary
 
Join Date: Dec 2016
Posts: 44
Default What's the exposure measure for cyber insurance

To those who writing it, what factors are you looking at generally? And what's the main exposure measure? I was thinking people who be using the turnover of the firm of something alike as a main exposure base - or are people just using the amount of coverage. Any ideas?

Last edited by TDH; 04-01-2018 at 04:06 PM..
Reply With Quote
  #2  
Old 04-01-2018, 05:48 PM
Vorian Atreides's Avatar
Vorian Atreides Vorian Atreides is offline
Wiki/Note Contributor
CAS
 
Join Date: Apr 2005
Location: As far as 3 cups of sugar will take you
Studying for ACAS
College: Hard Knocks
Favorite beer: Most German dark lagers
Posts: 62,718
Default

I doubt that you're going to get any responses from those who are active in that field due to proprietary knowledge.

I would suggest broadening the topic to just consider what are the underlying issues (regardless of what an actual company does).

It might also be helpful to take into consideration of pricing for a large account vs. "manual rating" where you develop a rate for a class of risks.

As it is, I am not involved in this area.

It would seem to me that one key element for large account pricing would be the number of servers connected to the internet would be a key consideration. Offset that by the number of employees employed in IT security.

As for manual rating, that would most likely be number of business locations.
__________________
I find your lack of faith disturbing

Why should I worry about dying? Itís not going to happen in my lifetime!


Freedom of speech is not a license to discourtesy

#BLACKMATTERLIVES
Reply With Quote
  #3  
Old 04-02-2018, 05:02 AM
TDH TDH is offline
Member
CAS Non-Actuary
 
Join Date: Dec 2016
Posts: 44
Default

Quote:
Originally Posted by Vorian Atreides View Post
I doubt that you're going to get any responses from those who are active in that field due to proprietary knowledge.

I would suggest broadening the topic to just consider what are the underlying issues (regardless of what an actual company does).

It might also be helpful to take into consideration of pricing for a large account vs. "manual rating" where you develop a rate for a class of risks.

As it is, I am not involved in this area.

It would seem to me that one key element for large account pricing would be the number of servers connected to the internet would be a key consideration. Offset that by the number of employees employed in IT security.

As for manual rating, that would most likely be number of business locations.
Thanks!
Reply With Quote
  #4  
Old 04-02-2018, 08:01 AM
NormalDan's Avatar
NormalDan NormalDan is offline
Member
CAS
 
Join Date: Dec 2016
Location: NJ
Posts: 6,657
Default

Quote:
Originally Posted by Vorian Atreides View Post
Offset that by the number of employees employed in IT security.
Ha!
Reply With Quote
  #5  
Old 04-02-2018, 07:26 AM
PeppermintPatty's Avatar
PeppermintPatty PeppermintPatty is offline
Member
CAS
 
Join Date: Sep 2001
Posts: 37,840
Default

I am also not in the field, but I would have guessed it would have be rated like general liability, and the pricing would look at some general measure of size of company (like revenue) for the exposure, and what business they are in (retail, hospital, manufacturing) for the manual rate.
Reply With Quote
  #6  
Old 04-02-2018, 08:19 AM
Maphisto's Sidekick's Avatar
Maphisto's Sidekick Maphisto's Sidekick is offline
Member
CAS
 
Join Date: Nov 2001
Location: South Park Genetics Lab
College: Ardnox
Favorite beer: The kind with alcohol
Posts: 2,467
Default

Quote:
Originally Posted by TDH View Post
To those who writing it, what factors are you looking at generally? And what's the main exposure measure? I was thinking people who be using the turnover of the firm of something alike as a main exposure base - or are people just using the amount of coverage. Any ideas?
A single, standard exposure base has not yet emerged for the industry.

I've seen revenue, number of employees, number of records, ....
Reply With Quote
  #7  
Old 04-03-2018, 07:38 PM
Arlie_Proctor Arlie_Proctor is offline
Member
CAS AAA
 
Join Date: Dec 2001
Location: N.J.
College: Indiana University
Favorite beer: Becks
Posts: 1,181
Default

You also need to be specific in your questions regarding whether you are looking at liability or first party coverages. The costs to recover and cleanse your own systems after an intrusion are completely different from the question of what the hacker stole from your systems and what it will cost to protect the consumers who gave you that data. Consider the difference between a retailer who uses a third party POS system and only tracks inventory internally to a bank and I think you'll see a big difference in liability exposures, all other things being equal.

In the interest of full disclosure, I don't work directly with cyber coverages.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 12:55 AM.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
*PLEASE NOTE: Posts are not checked for accuracy, and do not
represent the views of the Actuarial Outpost or its sponsors.
Page generated in 0.21626 seconds with 9 queries