Based on a risk evaluation model universally used by property underwriters for hundreds of years, Chubb’s Cyber COPE® combines underwriting, data analytics, and various security disciplines into a structured framework, providing risk managers with a tool to better communicate with the organization’s security experts and to understand their organization’s cyber risk posture.
Benefits
- Innovative approach to cyber risk management for large organizations
- Proprietary framework, grounded in Chubb’s 15+ years of cyber underwriting and claims experience, loss experience, data analytics, and relationships with the world’s leading cyber risk organizations
- Integrates both objective and subjective criteria into a comprehensive risk evaluation process built around four key elements
Key Elements of Cyber COPE®
Components
- Number of endpoints
- Number of network connections
- Software versions
- Data center locations
Protection
- Data retention
- Firewalls
- Incident response/response readiness
- Monitoring
- Encryption
Organization
- Policyholder’s industry
- Quality of IT and security related policies
- Percent of budget allocation for security
- Use of industry standards
- Quality of information governance
- Percent of outsourced services
- Board level risk appetite
Exposures
- Political or criminal motivation
- Types of outsourcing
- Common threat vulnerability
- Type and amount of sensitive information
- Reliance on network for operations
- Compliance and regulatory requirements