In a press release, the insurer said the model compares a client’s cybersecurity maturity against 10 common attack patterns and across 11 commonly used technology devices to ascertain their cyber risk. AIG said the model incorporates critical security, including current threat intelligence from multiple sources, the effectiveness of a company’s cyber controls, the potential impact of a cyber breach and insights from the thousands of cyber claims that AIG handles.
Clients who provide AIG with the necessary information will receive a report detailing their security scores, peer benchmarking and risk mitigation controls, the insurer said in the news release.
“We developed the model based on historical insights and patterns of how companies experience cyber breaches – the points of entry and the types of attacks and vulnerabilities seen in the vast majority of cyber breach scenarios,” said Tracie Grella, head of cyber risk insurance for AIG. “Companies have been demanding a way to benchmark their cyber maturity against these known cyber risks to quantify what they are up against and where they stand.”
In conjunction with the new service, AIG also said it is launching CyberMatics, a patent-pending security approach in conjunction with AI cybersecurity companies CrowdStrike and Darktrace. CyberMatics verifies inputs into AIG’s model from clients’ cybersecurity tools, providing greater confidence in the information used for underwriting.
“As an insurer, we gain a better understanding of the level of risk we are taking on with each client so we can react accordingly,” said Grella. “Our new model, combined with CyberMatics, can help our clients make informed and quantifiable decisions about their preparedness for cybersecurity risk events and insurance cover.”