RiskGenius Blog

Insights into our world of Insurance & Technology.

Eating Cyber Insurance Policies for Breakfast

Yesterday, I wrote that I need to be doing more and talking less. I've also taken inspiration in Gary Vaynerchuk's Youtube episode "Document, Don't Create."

So here's some documenting and doing.

When we show the RiskGenius software, people just see software. We've done a great job with the user interface so that people don't ever have to think about machine learning or algorithms.

But I wanted an opportunity to show off the power of our RiskGenius algorithms that work behind the scenes.

Screenshot 2016-12-15 21.28.38-1.png

Our Cyber Insurance Magic Trick

For this magic trick, I decided I wanted to review cyber insurance policies across the industry. Cyber insurance is a fairly new and evolving risk. I was curious to see if the language in cyber insurance policies was similar or different.

So I asked one question: how similar or different are definitions of malicious code in insurance polices across the industry?

Here's the answer: there are a lot of variations of malicious code definitions -- 78 by our findings. 

In order to get to the answer, here's what we did:

  • We collected 400+ cyber insurance policies (forms and endorsements).
  • We broke the policies into 26,000+ clauses (via the RiskGenius Parsing Algorithms)
  • We bucketed the clauses into 109 categories (via the RiskGenius Categorization Algorithms)
  • We then isolated 140 definitions of malicious code.


This took a few hours.


Stop and think about that for a minute. We were able to isolate 140 definitions from 26,000 clauses in a few hours. Stats like that blow my mind. 

But we went way further. We then took the 140 definitions of malicious code and we compared them to each other to determine which ones were most similar and most different.

There were three big findings from the report. But you have to download it if you are interested in reading more. Don't worry, it's free. I'm just curious how many people are interested in this sort of thing.


Download the RiskGenius Machine Learning Report now. 


So why does this matter?

Now that we have done this to malicious code definitions, we plan to do it with every type of clause in cyber insurance policies. Then we can aggregate the scores for each policy and determine how similar or different insurance policies are to each other.

More importantly, we can run the same analysis on anyone's policy. We already have corporations (particularly self-insurers) that want to run their policy against our database. And I have a feeling that an insurance company or two would be interested in knowing how its policy stacks up against the competition. 

That's what we have been working on, among other things.

If you are interested in more reasearch and findings about insurance policies, please sign up for the blog on the right! Way more of this is on the way.