Digital & Technology
Opinion Article
INVITED EDITOR
Editorial from
Nova Awareness Club
July 16, 2024
9. Industry, innovation and infrastructure

9. Industry, innovation and infrastructure

Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation
LEARN MORE

16. Peace, justice and strong institutions

Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels.
LEARN MORE

Meet Cyberwrite: the next step in cybersecurity

Crime and illicit activities exist since the beginning of the law-based society as we know it. In recent times, crime has taken a step forward in the way that, following the evolution of technology and the creation of private information networks, crime organizations found this technological revolution as a new approach to commit illegal actions

A brief introduction to Cybercrime

Crime and illicit activities exist since the beginning of the law-based society as we know it. In recent times, crime has taken a step forward in the way that, following the evolution of technology and the creation of private information networks, crime organizations found this technological revolution as a new approach to commit illegal actions. Cyber crime has developed massively in the last few years, evidenced by several cyber attacks and scandals that took place, in the Wikileaks case.

As Lazarus, cybercrime organizations intend to corrupt individual and collective networks, such as social media and bank accounts information systems. Hackers perform this activity, masters of computer handling and technological revolutionaries, that can work individually or for hacking organizations.

In 2012, The Wall Street Journal estimated loss to cybercrime to be $100M(although other reports placed that figure nearer to $1bn); Lloyds believed it to be $400M in 2015. In June 2017 the FBI reported losses had risen 24% in 2016 alone. A fundamental problem is that much of cyber crime goes undetected,causing regulators and financial services companies to change quickly, updating regulations and systems to improve detection rates and slowdown what is increasingly proving to be a cash cow for criminals

A recent case of cybercrime was the attack on SWIFT. Although it was stated that SWIFT provided a safe and reliable environment, numerous hacks against SWIFT have been reported over recent years, which has resulted in clients losing millions of dollars. Researchers have identified that a hacker group known as Lazarus was behind these hacks, linked strongly with North Korea. The attacks exploited vulnerabilities in member banks' systems as the hacks allowed attackers to gain control of the banks’ legitimate SWIFT credentials. What’s more, these hacks can also implant malware, which can remain hidden and allows a new resurgence of hacks later down the line. The hacks in 2015 and 2016 involved malware which issued unauthorized SWIFT messages which then concealed that the messages had even been sent. After moving the funds,the malware was designed to delete the database record of the transfers and basically leave the hackers to go undetected. A similar attack on Bangladesh’s central bank yielded $101m.

As U.S National Archives & Records Administration mentioned, “60% of companies that lose their data will shut down within six months of the disaster [i.e cyberattack].” Firms are becoming more aware of cyber risk and how destructive it can be. As a result, the number of firms contacting cyber insurance companies has been increasing, and estimates suggest that the number will increase in the future.

Forecast for sales of cyber insurance in South America. Taken from the cyber insurance market report 2019-2029

Forecast for sales of cyber insurance in South America. Taken from the cyber insurance market report 2019-2029

The role of Cyberwrite

Given the volatile environment around cybersecurity and consistently enhanced technology, Nir Perry, Cyberwrite’s CEO and founder acknowledged a marketfailure in the cyber insurance industry, with its core in two great issues:

  • Small and Medium-sized Businesses (SMBs) lack the capital to contact insurance companies and, consequently, the skills to defend from a cyber attack.
  • The majority of insurance companies were not exactly “cyber experts”. Meaning that they lacked the technology to underwrite their customers with due accuracy and come up with the appropriate policy. So, they failed to provide assistance to their customers effectively.

Therefore,in 2016, the Israeli company was founded to help insurance companies increase their sales through enhanced risk profiling, with a primary focus on SMBs. They are not,however, a cyber risk consultant nor a cyber insurance company. The company is financially backed by American and Israeli angel investors, as well as global investors and accelerators such as Citibank, Speed Invest, Plug and Play, and around 500 startups.

Cyberwrite develops cyber-profiling with the aid of AI algorithms to institutions such as insurers or banks in order to assess a profile of cyber insurance risks and estimate the financial impact they are exposed to, while comparing with the benchmark in a one-page “human-readable” report. The report we used is in fact an actual report, only the company's name was changed due to confidentiality. So, their report is divided into three parts:

Cyber Insurance Coverage scores: Cyberwrite compares the company's risk score with the industry benchmark. The higher the score, the better. In Hooli´s case,their risk policy score is relatively low. From the report, we can check how a large share of their risk score is explained by the lack of coverage regarding Business interruption, stolen records, and data loss.

Describes the different types of cyber risk and compares with the industry benchmark

 

Describes the different types of cyber risk and compares with the industry benchmark.

From this specific report, we can see how the high risk in industry [whichever industry Hooli belongs to] and the regulatory risk (risk that a change in laws and regulations will materially impact a business) are the major source of Hooli´s cyber risk. The risk is ranked from A [no risk] to E [extremely high risk].

 

Provides a financial impact assessment (FIA) of a possible cyberattack. Basically, it estimates in quantitative terms how much money the business has at risk. It also mentions the financial loss associated with each risk domain. The FIA is calculated through a simple questionnaire answered by the customer. Again, by checking Hooli´s FIA we can see how they can expect to lose from $100,000 up to $871,000 in case of a cyber attack. We can also check how a large share of this expected monetary loss is derived from the Regulatory expense. Which makes sense because, as we have seen before, Regulatory risk represents a large share of Hooli´s overall cyber risk.

 

Based on this FIA, customers can estimate how much they should pay to its insurance companies, which, ultimately, increases cyber insurance sales.

To prepare this report, all Cyberwrite requires is the company’s name and its website. They then collect data from millions of sources all over the Internet in order to estimate the risk associated with the customer.

This is a break through in the cyber insurance industry, as it enables insurance companies to make amuch more accurate estimate of how much to charge, making this market more accessible to SMBs. As a result, Cyberwrite has already received some important awards such as the UK Embassy’s British Award for Innovation in 2018 and was named a Cool Vendorin Gartner’s category “Cool Vendors in Insurance, 2018” being one in four insurtechs ever to receive this nomination.

Final comment

All in all, the insurance market is growing at a fast pace. Big budgets have been invested to ensure market-leading insurers are positioned at the forefront of change. It is estimated that approximately $1.7bn was spent in insurtech in 2016. A previously known market as change-averse is now developing rapidly with the aid of monetary expenditure and big data, which improves the creation and constant update of insurance models tailored to each business, as is the case of Cyberwrite.We can expect a continuous evolution of insurtech that is likely to improve market conditions for small and medium enterprises to emerge and grow and for big companies to continue thriving without safety constraints.

 

Students Authors: Tiago Rebelo, Filipe Ferreira, Tiago Duarte and Lourenço Paramés

This content was originally published in The Awareness News.

Nova Awareness Club
LEARN MORE
SHARE

Keep reading

Are robots taking our jobs?

A brief overview of technological disruption on industries.

Stress Management in Pandemic Times

The current pandemic has heightened the levels of stress and uncertainty, with a particular emphasis on a pervasive type of stress, technostress, that is created by the use of Information and Communication technologies to work. We will discuss, as stress and uncertainty levels rise, a particularly pervasive type of stress, technostress, created by the use of remote communication and IT to work.

Data Science vs. Humans: who do we trust in the decision-making process?

There is no doubt that data science applications are becoming a part of organizations’ lives and, consequently, the lives of us all. As technology itself evolves and becomes more effective in detecting patterns and preferences, should we let it tell us which direction to follow? Will data science algorithms make human intuition obsolete?

A Case Study on Reskilling into Tech

While companies increasingly see retraining and "upskilling" existing workers as an urgent business priority, many are still hesitant to make the required investment in their workforce. Is it possible to reskill non-technical professionals into tech?

THE CHOICES OF

Nova SBE awarded at the 1st edition of the EFFAS Gasperini Awards

Professors Miguel Ferreira and José Tavares and Nova SBE PhD student Sharmin Sazedj were awarded the first edition of the EFFAS Gasperini Awards, where they represented Nova SBE

Subscribe our weekly newsletter

By subscribing to the Nova SBE Role to Play newsletter, you can stay up-to-date on the latest articles posted on the website.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

We all have a role to play

We are on a mission to be a community dedicated to the development of talent and knowledge that impacts the world.

With just ten years to go, an ambitious global effort is underway to deliver the 2030 promise. We want to take a stand and we are calling on our community to showcase how they are contributing to the 17 Sustainable Development Goals, whilst influencing more and more people to unravel their role to play.

Here, you will find four different ways your ideas can flourish, dialogue can be enhanced, and action can take place. You can choose one or all four, and Nova SBE will be there to support you all the way and guarantee tangible change.

We all have a role to play, and this is your way in.