Multinational insurer American International Group, Inc. (AIG) announced a new cyber benchmarking model that quantifies and scores cyber risk, by evaluating a company’s cyber security maturity against 10 common attack patterns across 11 commonly used technology devices.
The model incorporates critical security data, such as current threat intelligence from multiple sources, effectiveness of an organization’s cyber controls, potential impact of a cyber breach on an organization, as well as insights from claims handled by AIG.
“We developed the model based on historical insights and patterns of how companies experience cyber breaches – the points of entry and the types of attacks and vulnerabilities seen in the vast majority of cyber breach scenarios,” says Tracie Grella, Head of Cyber Risk Insurance, AIG.
To further support its model, AIG also announced a partnership with AI cyber security companies CrowdStrike and Darktrace, to launch CyberMatics, a patent pending security approach that verifies inputs into AIG’s model from clients’ cyber security tools.
The service uses artificial intelligence, or in other words, the ability of machines to carry out tasks normally associated with human intelligence, to look inside an insured company’s network for strengths and vulnerabilities, Darktrace Chief Executive, Nicole Eagan, was quoted as saying by Reuters.
“As an insurer, we gain a better understanding of the level of risk we are taking on with each client so we can react accordingly,” said Ms. Grella. “Our new model combined with CyberMatics can help our clients make informed and quantifiable decisions about their preparedness for cyber security risk events and insurance cover.”
