In the rapidly evolving landscape of cyber risk, staying ahead of emerging threats is critical for insurers and risk managers. Guidewire's Cyence Model 7, the latest iteration of our cyber risk modeling product, offers significant advancements in data precision, risk event customization, and attack scenario coverage, ensuring that customers remain equipped to manage complex cyber risks effectively.
This blog explores what's new in Cyence Model 7 and why these developments matter to customers across the cyber insurance and risk management industry.
What’s New in Cyence Model 7
- New War and System Failure Event Options - One of the most discussed features in Cyence Model 7 is the ability to incorporate or exclude war events and system failure events from the risk model. Cyber warfare and nation-state attacks are becoming increasingly prevalent, and insurers have faced growing concerns about how to address such risks in their policies.
In response, Model 7 offers customization options that allow users to assess cyber risks in line with their company’s policies. Whether customers want to include war-related events or system failures—or exclude them entirely—the flexibility in Model 7 ensures that risk models align more closely with our customer’s evolving needs.
- Updated Data for Better Accuracy - Cyence Model 7 incorporates fresh, comprehensive data updates. These include the latest incident, claims, firmographic, and technographic datasets, which improve the accuracy of risk predictions. This update ensures that underwriters and risk managers can rely on more statistically grounded insights when assessing a company’s cyber risk.
The data integration in Cyence Model 7 is structured to consider a broader range of factors than ever before. Our team has collected and analyzed petabytes of information from incidents around the globe, encompassing cyber breaches, extortion, ransomware, and denial of service attacks. This data is meticulously cleansed and validated using machine learning techniques to ensure its accuracy and reliability.
- Expanded Data Breach Model - The latest version of Cyence also enhances its data breach model by considering additional attack scenarios, including mass ransomware combined with data breaches. This feature is crucial in an era where cyberattacks are more sophisticated and layered. For example, attackers may exfiltrate data while simultaneously deploying ransomware, resulting in compounded financial losses.
The enhanced model not only captures the growing complexity of these incidents but also provides a clearer view of potential financial impacts, such as business interruption and extortion losses. This makes the model far more aligned with contemporary cyber threats, giving customers a comprehensive risk view that can better inform decision-making and risk mitigation strategies.
See Cyence Model 7 in Action: Watch the Cyence Model 7 Demo Video to Discover How It Transforms Cyber Risk Management
How Cyence Model 7 Helps You Navigate Complex Cyber Threats
- Flexibility for Policy Customization - As mentioned, Cyence Model 7’s war-event exclusion option helps insurers dealing with the increasing complexity of cyber warfare. This flexibility lets insurers choose whether to include or exclude war-related scenarios in their models, allowing them to create policies that cater specifically to their clients’ needs. For reinsurers, brokers, and agents, this degree of customization is invaluable when crafting policies for different regions or industries that may face varying levels of cyber risk.
Furthermore, the flexibility extends to system failures, giving insurers the ability to handle complex cases of cyber events that may stem from non-malicious, but equally damaging, failures in technology infrastructure.
- Improved Risk Accuracy for Underwriting - With the most up-to-date incident data, Cyence Model 7 delivers enhanced accuracy in assessing both individual and accumulation risk events. Underwriters and risk managers can model scenarios with more granular data on individual companies, including their industry, size, and exposure signals. The ability to customize models based on current threats - whether from cybercrime, nation-state actors, or new technological vulnerabilities - means underwriters can offer more competitive, tailored policies that reflect the true risk landscape.
Additionally, the model’s incident data captures historical cyber events while accounting for under-reporting, especially in regions without regulatory requirements for public disclosure. This capability mitigates the risk of blind spots and allows insurers to price risk with greater confidence.
- Comprehensive Coverage of Emerging Threats - The expanded attack scenarios included in Model 7, particularly those combining data breaches with mass ransomware, reflect the real-world risks that organizations face today. Ransomware incidents have evolved into a significant global threat, with mass ransomware attacks growing in frequency and scope. Cyence Model 7 captures the full spectrum of these risks, including first-party losses (such as breach notification, forensics, and regulatory fines) as well as third-party losses like liabilities and business interruption.
For enterprise risk managers, this comprehensive modeling approach translates into more actionable insights and better preparedness for the financial fallout of such events. It also enables customers to quantify potential losses in financial terms, making it easier to assess and communicate the financial risks to boards and stakeholders.
- Advanced Simulation for Accumulation Risk - Cyence Model 7 continues to leverage Monte Carlo simulation to model 10,000 possible economic outcomes over a 12-month period, capturing individual and accumulation events for better prediction. By simulating a wide variety of scenarios - such as mass data breaches, service provider outages, and payment processor disruptions - customers can get a full picture of how a cyberattack might cascade through their network and cause loss.
Additionally, the model provides insight into “tail risk” events - rare but highly impactful incidents that could lead to catastrophic losses. With Cyence’s ability to simulate such events, risk managers are better equipped to create mitigation strategies and plan for worst-case scenarios.
- Integration with Insurance and Reinsurance Workflows - The risk modeling in Cyence Model 7 is designed to seamlessly integrate with existing insurance workflows, allowing underwriters, brokers, and agents to use the model's insights when building policies. The model’s ability to quantify potential losses from cyberattacks ensures that customers can offer more competitive policies without sacrificing accuracy or comprehensiveness.
For reinsurers, the model’s accumulation risk features are essential for evaluating the exposure across portfolios. Whether it’s modeling the risk of service provider outages or analyzing the effects of a mass data breach, Cyence Model 7 provides the tools necessary to gauge the true exposure from shared technologies and interconnected networks.
Get the Latest, Most Up-To-Date View of Cyber Risk
As the cyber risk landscape becomes more complex, it’s critical for risk managers and insurers to stay ahead of emerging threats. Cyence Model 7 offers the most comprehensive and customizable tool for modeling these risks, with updated data, advanced simulation techniques, and new flexibility around war and system failure events. With this powerful model, insurers can offer more tailored, accurate, and competitive policies while better preparing themselves and their clients for the ever-evolving world of cyber risk.
For any organization involved in underwriting or managing cyber risk, the innovations in Cyence Model 7 provide a crucial competitive advantage, delivering the precision and flexibility needed to navigate today’s volatile cyber environment.
For more information about Cyence, please see our Cyence Product Webpage or contact us. To see a demo of Cyence, please request a demo.