Is accumulation risk in cyber methodically underestimated?

Gabriela Zeller, Matthias Scherer

Research output: Contribution to journalArticlepeer-review


Many insurers have started to underwrite cyber in recent years. In parallel, they developed their first actuarial models to cope with this new type of risk. On the portfolio level, two major challenges hereby are the adequate modelling of the dependence structure among cyber losses and the lack of suitable data based on which the model is calibrated. The purpose of this article is to highlight the importance of taking a holistic approach to cyber. In particular, we argue that actuarial modelling should not be viewed stand-alone, but rather as an integral part of an interconnected value chain with other processes such as cyber-risk assessment and cyber-claims settlement. We illustrate that otherwise, i.e. if these data-collection processes are not aligned with the actuarial (dependence) model, naïve data collection necessarily leads to a dangerous underestimation of accumulation risk. We illustrate the detrimental effects on the assessment of the dependence structure and portfolio risk by using a simple mathematical model for dependence through common vulnerabilities. The study concludes by highlighting the practical implications for insurers.

Original languageEnglish
JournalEuropean Actuarial Journal
StateAccepted/In press - 2024


  • Accumulation Risk
  • Cyber Insurance
  • Cyber Risk
  • Poisson Process


Dive into the research topics of 'Is accumulation risk in cyber methodically underestimated?'. Together they form a unique fingerprint.

Cite this