How we created an advanced online calculator to help businesses assess their cyber risk
For business owners, understanding the value of physical assets when it comes to insuring them is easy to conceptualise. But the value of the business’s data and the amount of cyber risk it’s facing can feel hard to quantify. This is precisely the problem we worked to solve with specialist insurance company Hiscox. The response was the Cyber Exposure Calculator.
The financial impact of a serious cyber breach can be eye-wateringly serious. But it’s also extremely complicated to calculate, especially as every business faces its own unique risk profile. For some, the concern might be the legal, reputational and compensatory impact of losing customer data. For others, it might be the fear of a malware attack that could bring the whole business to a halt. Others still don’t consider themselves a digital business and may think they’re not at risk at all. (Spoiler alert: they are.)
Hiscox wanted to offer businesses a clearer way of understanding, mitigating and insuring themselves against today’s very real cyber threats. So we worked with the team to do just that. We devised a strategy that combines existing data and user inputs to inform a digital tool for calculating the monetary value businesses could expect to lose as a result of a cyber attack.
Designing and building the calculator was no mean feat. It was based on a model that allows for more than a million permutations of data points (including business size, industry and existing security measures) to ensure that it covers the full scope of business risk.
The calculator launched in June 2019, as a free tool on the Hiscox website aimed at four key personas, from a small business owner to a third-party insurance broker. Operating in real time, it immediately shares insights that help business owners and managers make informed decisions about how to manage risk to their reputation, business and customer data loss and financial exposure. And, of course, to choose the right insurance to cover their exposure to the most pertinent cyber threats.