AIG launches new cyber model

American International Group, Inc. (AIG) has announced a new cyber benchmarking model that quantifies and scores client cyber risk.

The model evaluates a client’s cyber security maturity against 10 common attack patterns across 11 commonly used technology devices. The model incorporates critical security data, such as current threat intelligence from multiple sources, effectiveness of an organisation’s cyber controls, potential impact of a cyber breach on an organisation, and insights gained from the thousands of cyber claims.

AIG cyber clients, who provide the required information, can receive a report detailing security scores, peer benchmarking, and key risk mitigation controls to help quantify cyber risk.

“We developed the model based on historical insights and patterns of how companies experience cyber breaches – the points of entry and the types of attacks and vulnerabilities seen in the vast majority of cyber breach scenarios,” says Tracie Grella, head of Cyber Risk Insurance, AIG. “Companies have been demanding a way to benchmark their cyber maturity against these known cyber risks to quantify what they are up against and where they stand.”

To further support its model, AIG is launching CyberMatics, a patent pending security approach with leading AI cyber security companies CrowdStrike and Darktrace. CyberMatics verifies inputs into AIG’s model from clients’ cyber security tools. This provides greater confidence in underwriting information, and ultimately allows for better tailored terms and conditions in cyber insurance policies.