Barbican will use the FICO Enterprise Security Score in underwriting decisions and provide subscriptions to policyholders to promote ongoing cyber risk reduction
- Barbican Insurance Group has selected the FICO® Enterprise Security Score as its predictive analytic measure of cybersecurity risk for breach insurance underwriting.
- The partnership will also provide Barbican’s insureds with access to the FICO® Enterprise Security Score Portrait product, enabling continual cyber risk mitigation.
- In addition, Barbican will offer premium credit to all of its cyber policyholders that subscribe to the Enterprise Security Score.
Silicon Valley analytics firm FICO today announced its partnership with Barbican Insurance Group (Barbican), a multi-platform insurance group that underwrites business predominantly through its syndicates at Lloyd’s of London, and which provides global cyber insurance coverage to its insureds. Barbican will use the FICO® Enterprise Security Score to measure the cybersecurity risk of insureds, and will also provide insureds with access to the FICO® Enterprise Security Score Portrait product, which can help a firm identify and mitigate weaknesses in its defences.
More information: http://www.fico.com/en/products/fico-enterprise-security-score
As cyber insurance is a relatively new class of insurance, underwriters have lacked historic actuarial data upon which to base underwriting decisions. The FICO Enterprise Security Score provides an accurate, empirical, and forward-looking assessment of the overall cyber risk exposure of an enterprise, which insurers can use for underwriting, pricing and ongoing portfolio management.
“We partnered with FICO because of its expertise and experience in predictive analytics and its strong focus on risk quantification,” said Graeme King, business group leader for cyber at Barbican. “The FICO Enterprise Security Score gives our underwriters a predictive, stable and objective rating to help better assess cyber risks. It also encourages our insureds to improve their cybersecurity. Using the FICO Enterprise Security Score Portrait product, our insureds receive actionable information to help them proactively strengthen their defences and reduce their exposure to potential risks.”
The FICO Enterprise Security Score is unique in its machine learning approach, internet-scale data collection and pool of curated exemplars. While other firms leverage judgmental assessments and focus on producing the longest possible list of potential vulnerabilities, FICO’s purely empirical techniques apply data-driven risk quantification and allow the user to focus exclusively on issues that are demonstrably correlated with breach outcomes. Jeffrey Wheatman, research director at Gartner, notes, “By 2022, cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships.”*
“FICO has a history of delivering powerful risk metrics to the insurance industry and the consumer credit space,” said Doug Clare, FICO’s vice president for cybersecurity solutions. “Partnering with Barbican Insurance to give their underwriting team the ability to better measure and manage their portfolio risk is part of our focus on delivering an industry-standard score to the cyber insurance market. By offering premium credit to their cyber policy holders for the use of the FICO Enterprise Security Score Portrait, Barbican is taking risk mitigation much further than the yearly assessments that are common today.”
The FICO Enterprise Security Score is based on an algorithm that leverages supervised machine learning techniques to associate conditional and behavioral characteristics of organisations’ security practices with data breaches. Ranging from 300 to 850, the score provides strong separation between high-risk and low-risk organisations, and is the strongest predictor available in the market for discerning the go-forward cyber breach risk of any enterprise. Explainable AI techniques provide the top reasons for each score and advanced anomaly detection identifies weakest assets, allowing users an opportunity to proactively prioritise and remedy their organisational cyber defense.
*Gartner, “Predicts 2018: Security and Risk Management Programs,” Rob McMillan et al, 16 November 2017.