New capabilities are part of FICO® Enterprise Security Score


  • The FICO® Enterprise Security Score now has an insurance dashboard that underwriters can use to understand their exposure and make better pricing and portfolio decisions
  • Underwriters can calculate risk metrics, simulate risk scenarios, insert their historical data, review risks at a policy, portfolio and book-of-business level, and more
  • Breach insurers may use the new features to better understand aggregate risk concentrations across a portfolio of policies where multiple insureds may be exposed to common IT suppliers and technologies

Cybersecurity breach insurers now have a better way to measure and manage risk across insureds, portfolios and industries. Silicon Valley analytics firm FICO today announced that the FICO® Enterprise Security Score is the first cybersecurity rating to include powerful risk assessment and modeling capabilities to help insurers make better underwriting, pricing and portfolio decisions, and meet profitability targets for their cyber book of business.

With the insurance dashboard, underwriters can embed individualized risk assessment for each policy in their portfolio analysis, including dependency/vendor risks, giving the underwriter the greatest flexibility in modelling various risk scenarios. Using the dashboard, underwriters can:

  • Calculate a range of risk metrics, such as probable maximum loss (PML).
  • Inject their organization’s historical distribution information on overall claimable loss and losses in subcategories such as legal fees and crisis management, to determine a much more granular and accurate exposure assessment catered to their market segment.
  • Simulate various risk scenarios and model their financial risks under a variety of complex conditions.
  • Model both primary insured risk and risk from primary insureds’ fourth-party relationships.
  • Review risks at a policy, portfolio and book-of-business level.
  • Include historical claim and performance data as well as policy terms into the overall financial picture.
  • Model potential failures at common fourth-party vendors, in order to find hidden dependencies across their portfolios.

“This is a big step forward for cybersecurity insurance, which is one of the newer forms of business insurance,” said Doug Clare, who oversees cybersecurity solutions at FICO. “Just as lenders use the FICO Score to understand risk at the consumer and portfolio level, the FICO Enterprise Security Score shows insurers risk across their cybersecurity book, based on a very detailed, policy-level risk assessment. We’re seeing a lot of interest from insurers in using these powerful tools.”

The FICO® Enterprise Security Score performs a complex assessment of an organization’s network assets, applies advanced predictive algorithms, and then condenses the results down to a three-digit score that rank-orders based on the odds of breach for the organization. Companies can use this score to understand and track their own performance, or evaluate the security risk of their vendors and other business partners. FICO’s score is the first in the industry to quantify the risks introduced by 4th parties — a partner or vendor’s vendors. FICO was part of a consortium of industry leaders that developed new guiding principles for cybersecurity ratings.

Source:  FICO Press Release