Cyber crime costs billions of dollars globally. Cyber security breaches can have adverse effects on an organization’s business and reputation. While several insurance companies now offer protection across a wide variety of cyber attacks, it is important to understand how an attack can spread across an organization’s computer network. This presentation reviews certain methods that can be used to factor in the structure of a company's IT system in the underwriting process. Research using contagion models to track the spread of a computer virus over a network can be used, along with knowledge of a company's security level to generate risk profiles and calculate the expected value at risk based on probability of a given node being affected.
A network theory based approach to pricing cyber risk