in  the  event  of  a  severe  fire.  Likewise, cyber  underwriting  models  should  embrace  this  time-proven
            approach.

            For the insured organizations, this means quarterly insights into how well their people, their processes
            and their cyber defense technologies are able to fare against the most severe cyber threats. The granular
            efficacy data collected allows them to fine-tune the performance of their teams and their technologies, as
            well as perfect and know their net cyber risk exposures. They can then be rewarded with lower cyber
            insurance premiums if they are doing a good job.

            Insurers, in turn, gain a clearer view of the risk that they are actually insuring.

            Cyber  insurers  who  switch  their  underwriting  models  to  ones  based  on  proven  efficacy,  will  better
            understand  the  extent  to  which  risk  and  tail  event  exposures  can  be  contained  without  expanding
            exclusions.  This  will  speed  their  way  to  getting  their  cyber  lines  back  into  the  business  of  pursuing
            sustainable, profitable growth.  This approach will also enable smaller companies, who are currently
            priced out of having any cyber insurance at all, who deserve it, to (re)access coverage.

            A  win-win  for  both  insurers  and  insured,  efficacy-based  underwriting  paves  the  way  for  insurers  to
            meaningfully  introduce  lower  premiums  to  properly  deserving  entities.    In  turn,  businesses  will  be
            incentivized to embed cybersecurity best practices at the core of their operations. No more disconnects
            between  paper  reports  claiming  effectivity  and  severe  cyberattacks  proving  the  opposite.  Both  the
            insureds and their insurers will have confidence in their ability to withstand such events beforehand, and
            with better outcomes for all.



            About the Author

            James Gerber is the CFO of SimSpace.  He brings over 30 years of
            experience  working  with  the  leading  providers  of  cutting-edge
            cybersecurity  in  the  industrial  and  transportation  sectors.  Prior  to
            joining SimSpace in 2007, James was the CFO of venture and private
            equity-backed companies in the cybersecurity and education spaces,
            serving  as  a  leader  in  the  governance  of  an  SEC-regulated  public
            company traded on the New York Stock Exchange.  During his time at
            the  Pension  Benefit  Guaranty  Corporation,  he  oversaw  risk
            forecasting  over  most  of  the  companies  in  the  S&P  500,  and  he
            managed an institutional investment portfolio with over $50 billion of
            assets under management.

            James  Gerber  has  a  Bachelor  of  Science  degree  in  mechanical  and  aerospace  engineering  from
            Princeton University, and an M.B.A. from the Harvard Business School. He began his career as an
            electronics and communication systems engineer, and later founded the Automated Systems Division of
            Morrison Knudsen.

            James can be reached online on LinkedIn and and at our company website https://www.simspace.com/.







                                                                                                            200