How AI Is Transforming Cyber Risk Quantification


            By Jose Seara, Founder and CEO, DeNexus



            Cyber risks differ from other more familiar risks in life, such as the dangers of a car crash for drivers, or
            a natural disaster for homeowners. These are well-defined,  measurable risks with associated costs that
            insurers can estimate.

            Yet despite the sophistication of modern IT cybersecurity  protections, most large organizations still lack
            substantial  empirical  data about  the  risks facing  their  industrial  control  systems  (ICS) and  operational
            technology (OT) at utility plants, refineries, and factories. This shortcoming is due to the limited availability
            of data about OT cyber incidents, and an inability to apply traditional actuarial  methods to estimate the
            potential financial consequences.

            The  lack  of  data  at  these  facilities  makes  inherent  uncertainty  a  key  challenge  for  quantifying  and
            prioritizing cyber risk. To get a better handle on this problem, a new field has emerged called Cyber Risk
            Quantification and Management, or CRQM, which relies on risk transfer practices. New CRQM platforms
            benefit  from  the  use  of  artificial  intelligence  and  data-driven  tools  to  better  manage,  mitigate,  and
            eventually transfer cyber risks to insurers.




            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          153
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.