Slides from Tony Martin-Vegue's presentation at SIRAcon (Cincinatti, OH) on May 1, 2019
What do Tom Jones’ chest hair, alien abductions, and Tylenol’s brand recognition have in common? An actuary – somewhere in the world – determined the probability and impact of a loss event and reduced enough uncertainty to issue an insurance policy. Yet, in the field of risk management, we hear that this is impossible: we can’t measure intangibles; we can’t determine the probability of an event that’s never happened, and oftentimes, measuring probability itself is not possible. The insurance industry shows us that this just isn’t true, and they have the money to prove it. Insurance is a thriving business with excellent margins, built on uncertainty reduction.
Why? The answer lies in incentives. Insurance is based on making uncertainty reduction profitable. With very few exceptions, cyber risk is set up to disincentivize good decisions. Using superstition and gut checks as a cheap replacement for data and utilizing debunked risk models are deemed “good enough” at best, and “really good!” at worst. Attendees will learn about how actuaries have historically tackled these challenges and receive practical tips on how companies and risk managers alike can be incentivized toward better risk decisions.