Components of a major cyber event: A (re)insurance approach 2025

In this IIL reinsurance webinar, Lucy Fraser, Geraldine Kearney, Fraser Barr and Souki Chahid discuss the ABI and Lloyd’s of London paper, ‘Components of a Major Cyber Event: A (Re)Insurance Approach’. The emerging and incredibly complex nature of cyber threats are a crucial challenge to our industry. There is no one single definition of a major cyber event, and history does not yet provide enough evidence to build one. However, getting ahead of these threats and understanding the risk they pose is where our industry excels. By collaborating with Lloyd’s, the webinar speakers and colleagues have been able to develop a framework and a consistent set of components for firms to consider when trying to build their own definitions. This should provide more certainty for insurers, government and customers.

This webinar focuses on the ABI and Lloyd’s of London co-published guide for (re)insurers on how to approach defining a major cyber event. As one of the most prominent systemic and emerging risks, there are not many historic major cyber events for insurers to look at when trying to establish clear definitions and policy wording. The ‘Components of a major cyber event: a (re) insurance approach’ seeks to address this by setting out the factors (re)insurers should consider and provides a framework to follow when defining what constitutes a major cyber event. Written by senior cyber (re)insurance leaders, which include the four webinar speakers, the paper represents a joint effort to build shared approaches across the industry. The steps that need to be considered, and given varying degrees of emphasis, when defining a major event include:

• WHO is responsible for the event and whether their intentions were malicious or not?
• WHAT was the cause of loss?
• WHERE did it occur geographically, in the digital ecosystem and the insured population?
• WHEN did the event start and how long did it last for?
• HOW did the cyber event spread – was it manual or automatic?
• WHY did the event occur? Was the motive for financial or political gain?
• IMPACT quantified as monetary loss

Each provider’s definition may vary depending on their commercial approaches. However, the framework helps streamline this process by grouping, categorising, and systematically analysing cyber incidents for various purposes, such as risk assessment and aggregation.

Learning objectives

• Defining major cyber events: learn about a structured framework for defining major cyber events
• Understand key components: gain insights into the factors that influence the impact and spread of cyber events
• Industry collaboration: hear about the work of creating this paper and the joint efforts and shared best practices that can be achieved to help in managing cyber risks

Speakers

• Dr Lucy Fraser, Senior Policy Advisor, Association of British Insurers
• Geraldine Kearney, Senior Corporate Underwriter/Legal Consultant, Munich Re
• Fraser Barr MA ACII CISMP, Cyber Broker, Global Cyber Practice, Aon
• Souki Chahid, Managing Director, Head of Cyber Analytics, Guy Carpenter
• Chair: Ben Rose, President & Co-founder, Supercede Technology Ltd