• You're the risk manager of a financial institution with a new web site
• Your insurance broker has provided you a quote for new e-commerce risk insurance coverage: $350,000 - $450,000 with low limits
• You're not exactly sure what the risks of the web site are
• What to do?


• The financial institution provides community banks with a product portfolio of ancillary products such as:
  - investments (mutual funds and stock trading)
  - insurance
  - other banking services
• You provide web sites for these community banks for investments, insurance and lending

• Failure of the web site
  - problems with the surroundings: power failure, fire or flooding
  - failure of the hardware
  - failure of the software
  - attack through virus or computer hacker


     
  

• Delay in performing a service
• Loss of brand value due to unreliability of service or transmission of a computer virus
• Loss of value through failure to deliver, for example an uncompleted stock trade

• There is an intensive application
  - the problem is that you can't figure out how complex or risky a web site you are running
• A system audit is part of the insurance coverage
  - there is a bias to find fault


• It's 1999 and the price/earnings ratio of the e-commerce function seems to have broken down
• The unspoken issue is how do you insure the value lost if something happens to the web site?
• Not sure this is an issue today

• Looking for someone to quantify the risk
• We brought a multidisciplinary team of actuaries, economists and policy experts
• The actuaries provided the quantification and modeling skill sets

• Model the web site
• Stochastic testing
• Scenario testing

• MMC ER developed a computer program to model the economic performance of the e-commerce infrastructure
• Used the company's performance statistics
• Used a Monte Carlo simulation to produce expected revenue and branding values
• Based on this quantification, valued the potential losses of a series of scenarios

Flow of Information and quantification of failure probabilities
[Diagram: flow of information and quantification of failure probabilities; box labels not recoverable from extraction]
• Visits per week
• Usage over the week
• Revenue
• Customer value
• Application acceptance
• Downtime

[Diagram: model structure; labels not recoverable from extraction]


Threats
• Denial of service
• Physical damage to hardware location
• New virus brings down complete system
• Malicious employee
• Threats/extortion
• Theft of credit card numbers

Threat: Denial of service
• Attack causes a degradation of performance or loss of service to the web site
• Not covered under current coverage
• Modeling assumption: site down for 3 hours
• Income loss / customer value loss


Threat: Physical damage to hardware location
• Location where the hardware is kept is disabled
• Covered under current insurance
• Modeling assumption: site down for 10 days
• Income loss / customer value loss
• Client bank's lost revenue

Threat: New virus brings down complete system
• Not covered under current coverage
• Modeling assumption: system down for 2 days
• Income loss / customer loss


Threat: Malicious employee
• Destruction of important data or programs
  - Cost of the recovery process covered under current coverage
  - Not modeled
• Theft of policyholder info or other intangible property
  - Not covered under current coverage

Threat: Threats/extortion
• Threat to commit a computer crime, or to use information gained from a computer crime, in exchange for money, personal gain or to embarrass the company
• Would be covered under current kidnap and ransom policies

Threat: Theft of credit card numbers
• [name garbled in extraction] universe and Salesgate (e-mall)
• No credit card numbers are stored


   

• Biggest risk: business interruption
• Third party loss is minimal at this time, though in time the Internet will affect its client relationships

• Better quantification of risks
• Better able to make a purchase decision
• Other risk management decisions
• What isn't at risk is also important


 $

• The web site is still in operation
• Strategy has been proven successful



 

• Bruce Schneier - Secrets and Lies (Wiley Computer Publishing, 2000)

"The insurance industry does this kind of thing all the time; it's how they calculate premiums. They figure out the annual loss expectancy for a given risk, tack on some extra for their operational costs plus some profit and use the result."



 

• Bruce Schneier - Secrets and Lies (Wiley Computer Publishing, 2000)

"Of course there's going to be a lot of guesswork in any of these; the particular risks we're talking about are just too new and too poorly understood to be better quantized (sic)."



 

Pricing e-Commerce Risk
• Determine Strategy
• Identify the Risks
• Collect Available Data
• Develop Model
• Price According to Strategy



 

Determine Strategy
• "Guess and Confess"
• Loss Leader
• Self-Supporting
• Franklin Approach



 

Determine Strategy - "Guess and Confess"
• Insurer uses best available judgment (usually discovered deep in the bowels of the marketing department) as to the proper rate
• Alternatively, rely on advice of career agents

 

Determine Strategy - Loss Leader
• Aptly named, this strategy is based upon the assumption that the best way to develop experience and expertise is to write a lot of exposure

 

Determine Strategy - Self-Supporting
• Goal is to cover losses and expenses, including start-up expenses, over some reasonable period of time. This is a radical strategy and has rarely been adopted in the property-casualty industry.

 

Determine Strategy - Franklin Approach
• Focuses on loss avoidance
• Underwrites against "undesirable" hazards, e.g.
  - large user base
  - large asset base
  - high public profile

 

Identify the Risks
• We have a good track record here
  - Medical Malpractice
  - Computer Leasing
  - Asbestos and Environmental

 

How many do you recognize?
• Daemon
• Data mining
• Digital wallet
• Extranet
• Luhn formula
• Smart card
• Thin client

 

Luhn formula
(1) Start with the penultimate digit and, moving left, double the value of each alternating digit. If you get a two-digit number, add the two digits.
(2) Add up all the digits. The result must be zero mod 10.

Ô-

 

Luhn formula - example
1234 567890 12347
1438 537790 14387  (every second digit from the right, starting with the penultimate digit, doubled and reduced)
1+4+3+8+5+3+7+7+9+0+1+4+3+8+7 = 70, which is 0 mod 10, so the number verifies
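The two steps above, as an added Python example written for this page (it is not code from the deck). Besides verifying a number it computes the check digit an issuer appends to a payload, and it runs the deck's own worked number. One caveat a practitioner should keep in mind: Luhn catches keying errors (any single wrong digit and most adjacent transpositions), so a number that passes is merely well-formed, not necessarily issued or valid for a charge.

```python
from typing import List


def luhn_digits(number: str) -> List[int]:
    """Step (1) of the slide: working right to left, double every second digit,
    starting with the penultimate one; a two-digit result has its digits added
    (for 10..18 that equals subtracting 9). Non-digits such as spaces are ignored."""
    digits = [int(c) for c in number if c.isdigit()]
    out = []
    for i, d in enumerate(reversed(digits)):  # i == 0 is the rightmost (check) digit
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        out.append(d)
    return out[::-1]  # back to left-to-right order, as printed on the slide


def luhn_sum(number: str) -> int:
    """Step (2): add up all the adjusted digits."""
    return sum(luhn_digits(number))


def luhn_valid(number: str) -> bool:
    """The number verifies if the sum is zero mod 10."""
    return luhn_sum(number) % 10 == 0


def luhn_check_digit(payload: str) -> str:
    """Issuer side: the digit to append so that payload + digit verifies.
    Appending a placeholder '0' puts the payload digits in their final positions."""
    return str((10 - luhn_sum(payload + "0") % 10) % 10)


if __name__ == "__main__":
    card = "1234 567890 12347"                      # the deck's worked example
    print(" ".join(map(str, luhn_digits(card))))   # 1 4 3 8 5 3 7 7 9 0 1 4 3 8 7
    print(luhn_sum(card), luhn_valid(card))        # 70 True
    print(luhn_check_digit("12345678901234"))      # 7
    print(luhn_valid("1234 567890 12374"))         # False: two adjacent digits transposed
```

Because the check digit is derived from the other digits, a web form can reject mistyped card numbers before any call to the payment processor; it is an input-validation step, not an authorization step.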



 


 

How many do you recognize?
• Daemon - a structured background process
• Data mining - looking for hidden data patterns
• Digital wallet - encryption software, user ID
• Extranet - authorized outsider-available intranet
• Luhn formula - credit card verifying algorithm
• Smart card - personal electronic memory card
• Thin client - network computer w/o hard drive



 

[Two slides quoting a source on insurance coverage; the source title and quoted text are garbled beyond recovery in extraction, apart from the fragment "… i.e. that contained in the policy] …"]



 

• TD Waterhouse fined $225,000 for repeated outages which left customers unable to trade
• 11 online brokers reported 88 outages for the 1st 9 months of 1999 (a 12th firm reported so many outages it didn't keep track)



 

Collect Available Data
• Exposure base not well-defined
• Economic costs of losses not disclosed
• Industry is young and evolving
• Threat base is also evolving



 

Collect Available Data
• Remember, "Lloyd's List" was started in 1696, but it wasn't until 75 years later that the Society of Lloyd's was formed



 

Develop Model
• Identify major processes
• Identify major threats
• Relate threats to processes
• Determine (or guess at) parameters

 

Example - Distributed Denial of Service (DDoS)

 
"Attack of the Zombies" - February, 2000
• Monday, February 7
  - Yahoo portal rendered inaccessible for 3 hours
• Tuesday, February 8
  - Buy.com 90% inaccessible
  - eBay incapacitated
  - CNN.com 95% inaccessible
  - Amazon.com slowed to 5 minute access time
• Wednesday, February 9
  - ZDNet unreachable
  - E*Trade slowed "to a crawl"
  - Excite 60% inaccessible

 

How DDoS Works
• Goal is to render the system inoperable
• One attacker controls multiple servers
• Method: break into numerous sites, install an "attack script" and orchestrate a coordinated attack

 



 á

[Diagram: how DDoS works; labels not recoverable from extraction]

 

Price According to Strategy
• Frequency will vary with
  - Popularity
  - Profile
  - Potential

 

Price According to Strategy
• Severity will vary
  - eToys v. E*Trade
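The "Develop Model" steps (identify processes and threats, relate them, determine or guess at parameters), the MMC ER Monte Carlo valuation described earlier in the deck, and the frequency/severity pricing on these last slides fit together in one small simulation. What follows is an added example written for this page; it is not MMC ER's program nor any insurer's rating model. The downtime per scenario (3 hours for denial of service, 10 days for physical damage, 2 days for a virus) and which scenarios the existing policy already covers are the deck's modeling assumptions; the annual event frequencies, the revenue and customer-value figures per hour of downtime, the log-normal spread of outage length, and the expense and profit loads are assumptions chosen here for illustration.

```python
import math
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    events_per_year: float   # Poisson mean; ASSUMED, the deck gives no frequencies
    downtime_hours: float    # median outage length; the deck's modeling assumption
    covered: bool            # already covered by the existing policy, per the deck


# Downtime per scenario is the deck's assumption; frequencies and money amounts are assumed.
THREATS = (
    Threat("Denial of service",                     2.00,   3.0, covered=False),
    Threat("Physical damage to hardware location",  0.05, 240.0, covered=True),
    Threat("New virus brings down complete system", 0.50,  48.0, covered=False),
)
REVENUE_PER_HOUR = 1_000.0        # assumed: income lost per hour the site is down
CUSTOMER_VALUE_PER_HOUR = 200.0   # assumed: customer value lost per hour of downtime
DOWNTIME_SIGMA = 0.5              # assumed: log-scale spread of outage length


def poisson(mean: float, rng: random.Random) -> int:
    """Knuth's Poisson sampler (the random module has no Poisson variate)."""
    limit, k, p = math.exp(-mean), 0, 1.0
    while True:
        p *= rng.random()
        if p <= limit:
            return k
        k += 1


def event_loss(t: Threat, rng: random.Random) -> float:
    """Severity of one outage: log-normal downtime whose median is the deck's
    assumption, times the combined income and customer-value cost per hour."""
    hours = rng.lognormvariate(math.log(t.downtime_hours), DOWNTIME_SIGMA)
    return hours * (REVENUE_PER_HOUR + CUSTOMER_VALUE_PER_HOUR)


def simulate_year(threats, rng: random.Random):
    """One simulated year: (total loss, loss not covered by the existing policy)."""
    total = uncovered = 0.0
    for t in threats:
        for _ in range(poisson(t.events_per_year, rng)):   # frequency
            loss = event_loss(t, rng)                       # severity
            total += loss
            if not t.covered:
                uncovered += loss
    return total, uncovered


def monte_carlo(threats=THREATS, years=20_000, seed=1):
    """Annual loss expectancy (ALE) overall and for the uncovered gap, plus a tail figure."""
    rng = random.Random(seed)
    totals, gaps = zip(*(simulate_year(threats, rng) for _ in range(years)))
    gaps_sorted = sorted(gaps)
    return {
        "ale_total": sum(totals) / years,
        "ale_uncovered": sum(gaps) / years,
        "gap_p95": gaps_sorted[int(0.95 * years)],
    }


def analytic_ale(threats=THREATS) -> float:
    """Closed form E[annual loss] = sum of frequency * E[downtime] * cost per hour,
    with E[log-normal] = median * exp(sigma^2 / 2); a sanity check on the simulation."""
    cost = REVENUE_PER_HOUR + CUSTOMER_VALUE_PER_HOUR
    return sum(t.events_per_year * t.downtime_hours * math.exp(DOWNTIME_SIGMA ** 2 / 2) * cost
               for t in threats)


def premium(ale: float, expense_load=0.25, profit_load=0.10) -> float:
    """Schneier's recipe from the quoted passage: ALE plus something for operating
    costs plus some profit. The load factors are assumed."""
    return ale + ale * expense_load + ale * profit_load


if __name__ == "__main__":
    r = monte_carlo()
    print(f"ALE, all modeled threats:   ${r['ale_total']:,.0f}  (analytic {analytic_ale():,.0f})")
    print(f"ALE, not currently covered: ${r['ale_uncovered']:,.0f}")
    print(f"95th percentile uncovered:  ${r['gap_p95']:,.0f}")
    print(f"Indicative premium for gap: ${premium(r['ale_uncovered']):,.0f}")
```

The uncovered ALE is the figure to set against a quoted premium, and the 95th percentile of the uncovered annual loss is the figure to set against the quoted limits. "Determine (or guess at) parameters" is where the model is weakest: the frequencies here are guesses, so the useful exercise is to vary them over a plausible range and see whether the purchase decision changes.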

 

"[quotation garbled beyond recovery in extraction]" - Yogi Berra
