Barbican Insurance Group partners with FICO
As cyber insurance is a relatively new class of insurance, underwriters have lacked historic actuarial data upon whc to base underwriting decisions. To overcome this, Barbican Insurance Group will use the FICO Enterprise Security Score (www.fico.com/en/products/fico-enterprise-security-score) in underwriting decisions, and provide subscriptions to policy holders to promote ongoing cyber risk reduction. Using the FICO system, Barbican will be able to measure the cybersecurity risk of insureds, and will also provide insureds with access to the FICO® Enterprise Security Score Portrait product, which can help a firm identify and mitigate weaknesses in its defences.
“FICO has a history of delivering powerful risk metrics to the insurance industry and the consumer credit space,” said Doug Clare, FICO's vice president for cybersecurity solutions. “Partnering with Barbican Insurance to give their underwriting team the ability to better measure and manage their portfolio risk is part of our focus on delivering an industry-standard score to the cyber insurance market. By offering premium credit to their cyber policy holders for the use of the FICO Enterprise Security Score Portrait, Barbican is taking risk mitigation much further than the yearly assessments that are common today.”
The FICO Enterprise Security Score provides an accurate, empirical, and forward-looking assessment of the overall cyber risk exposure of an enterprise, which insurers can use for underwriting, pricing and ongoing portfolio management.
“We partnered with FICO because of its expertise and experience in predictive analytics and its strong focus on risk quantification,” said Graeme King, business group leader for cyber at Barbican. The FICO Enterprise Security Score gives our underwriters a predictive, stable and objective rating to help better assess cyber risks. It also encourages our insureds to improve their cybersecurity. Using the FICO Enterprise Security Score Portrait product, our insureds receive actionable information to help them proactively strengthen their defences and reduce their exposure to potential risks.”
The FICO Enterprise Security Score is unique in its machine learning approach, internet-scale data collection and pool of curated exemplars. While other firms leverage judgmental assessments and focus on producing the longest possible list of potential vulnerabilities, FICO’s purely empirical techniques apply data-driven risk quantification, and allow the user to focus exclusively on issues that are demonstrably correlated with breach outcomes.
Jeffrey Wheatman, research director at Gartner, notes, “By 2022, cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships.”