Multi-tool approach to enhance cyber risk assessment, says Lockton Re

In its latest cyber report, reinsurance broker Lockton Re evaluates vulnerability scanning tools and highlights the need for multiple methods to assess and manage cyber risk amid growing digital complexity.

As digital networks become more complex, companies face increasing exposure to cyber threats. By 2025, it’s expected that half of the world’s data will be stored in the cloud, raising the risk of attacks both internally and through downstream suppliers, including indirect reliance on services or technologies used by third parties.

Jacqueline Yeo, lead author of the report and Cyber Analytics Lead, Lockton Re, noted, ”The development of this specialist technology illustrates the pace of innovation taking place in the cyber insurance industry. There is still a wide range of techniques deployed, as well as outcomes delivered, and users should be aware of the limitations of these tools.

Yeo added, “However, when used in conjunction with other underwriting and aggregation methodologies, scanning solutions can provide valuable additional insights. We researched the following emerging scanning tools with an independent data set: Cyberwrite, ISS, Kynd and Orpheus, to create the report.”

The report stresses that scanning tools are not a complete solution for cyber security but should be part of a broader set of measures. Proper interpretation of vulnerabilities is essential, as context is key to understanding risks.

Oliver Brew, co-author of the report and Cyber Practice Leader, London, Lockton Re, commented, “Cyber risk data providers play a valuable part in assessing cyber security risk. They can provide sensitivity tests for the exposure data used in the catastrophe models, as well as provide a key second view of risk. However, it’s important to use these tools as part of best practices in portfolio management, like those promoted by regulatory bodies and Lloyd’s of London in their regulatory capability matrix, to promote more than one view of risk.”

In the evolving field of cyber risk modelling, employing a range of tools provides a more comprehensive risk view and leverages advancements in vulnerability scanning, while avoiding the pitfalls of over-reliance on a single model.

Similar to the natural catastrophe field, where missed exposures have led to significant losses, integrating scanning tools can enhance risk assessments and prevent such issues.

This website states: The content on this site is sourced from the internet. If there is any infringement, please contact us and we will handle it promptly.