Vendor Profile: AIR Worldwide

By Jeremy Seth Davis

AIR Worldwide released updates to ARC, its cyber risk modeling platform. The product helps insurance companies and reinsurers to quantify and analyze cyber threats. The latest version includes a new risk model to quantify systemic ransomware incidents.

Insurance companies use the product for underwriting, portfolio management, and risk transfer processes, said Scott Stransky, vice president and director of emerging risk modeling at AIR Worldwide, speaking with this publication. AIR Worldwide is a business unit of data analytics company Verisk.

The platform uses an “outside-in approach” to generate information about systemic ransomware and cyber-related threats for hundreds of thousands of companies at scale…

The platform uses an “outside-in approach” to generate information about systemic ransomware and cyber-related threats for hundreds of thousands of companies at scale, Stransky said. Losses from a major systemic ransomware attack such as WannaCry and NotPetya can exceed $15 billion, according to Verisk data.

ARC is part of Verisk’s Cyber Solutions suite, built on an industry database containing information on more than 12 million businesses. The product is intended for risk managers and underwriters. ARC updates include a web user interface and integration with public APIs to support customer internal applications.

Aggregation points such as public internet traffic, operating systems, industry, geography, and cyber hygiene inform the models.

Aggregation points such as public internet traffic, operating systems, industry, geography, and cyber hygiene inform the models. Users have the ability to sort potential losses into distinct event categories: malicious breaches, social engineering and phishing, lost or stolen devices, unintentional disclosure, physical tampering, cyber extortion, unauthorized access, and unauthorized data collection.

Ransomware continues to affect remote workers and their employers. When the COVID-19 pandemic prompted a global transition to remote work, cybercriminals swiftly took advantage of companies that were operationally unprepared. New ransomware samples increased by 72% in the first half of 2020, according to a recent report.

Over the past few years, there has been a proliferation of analytics solutions making use of publicly accessible data to quantify cyber risk. Category leaders SecurityScorecard, BitSight Technologies, and Risk Recon once dominated the market and now face an array of direct competitors and indirect competition from adjacent categories, including third-party vendor mapping technologies. Stransky said ARC works with cybersecurity rating companies and provides additional data streams to the rating company customers.