WO2019173241A1 - Platform for live issuance and management of cyber insurance policies - Google Patents


Info

Publication number
WO2019173241A1
Authority
WO
WIPO (PCT)
Prior art keywords
processor
data
memory
contract block
contract
Prior art date
Application number
PCT/US2019/020606
Other languages
English (en)
Inventor
Jason Crabtree
Andrew Sellers
Original Assignee
Fractal Industries, Inc.
Priority date
Filing date
Publication date
Priority claimed from US15/911,117 (US10970787B2)
Application filed by Fractal Industries, Inc.
Priority to AU2019231130A (AU2019231130A1)
Priority to EP19764222.6A (EP3762893A4)
Publication of WO2019173241A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30 Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/33 Querying
    • G06F16/332 Query formulation
    • G06F16/3329 Natural language query formulation or dialogue systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/08 Insurance

Definitions

  • the disclosure relates to the field of automated computer systems, particularly to autonomous issuance and management of insurance policies for computer and information technology related risks.
  • Another issue in typical insurance may be the wait to process a claim.
  • the industry is already moving towards greater automation, and the move has already shown marked improvements in both convenience for the insured as well as quicker turnaround.
  • the WALL STREET JOURNAL recently reported that four in ten insurers have moved to a more automated process to inspect damages not requiring on-site inspection by an employee, and also that claims processing with a greater level of automation can be handled in two to three days as opposed to 10 to 15 days.
  • While many aspects may presently be automated, there are other aspects that may benefit greater with automation.
  • the system will assess the likelihood of business interruption or loss due to both accidental issues such as data loss, loss of access to cloud computing platforms, etc., and malicious activity such as hacking, various forms of cyber attacks, and data theft.
  • the system will create matrices designed to assess threat profiles, propensity to be attacked, and potential for loss, including in its analysis factors such as cloud-based application and usage, perimeter security, stack security vendors and configurations, internal network topologies and segmentation, antivirus and endpoint prevention capabilities, identity and privilege management, endpoint software, and types and value of data stored, along with information about active and potential modes of attack, redundancy of systems, and similar factors.
  • the system will be able to autonomously issue policies, adjust premium pricing, process claims, and seek re-insurance opportunities with a minimum of human input.
  • a client portal is provided through a network-connected server, which allows the client to manage its insurance policies, including but not limited to applying for insurance coverage, making premium payments, submitting claims, and receiving claim payouts.
  • Information from the portal is sent to the underwriting processor, which performs automated management of the underwriting process.
  • the underwriting processor sends relevant information to the cyber risk analysis engine.
  • a deep web extraction engine gathers a variety of near real-time information from a plurality of online sources related to the status of networks, availability of cloud computing platforms, active and potential cyber attacks, and other information relevant to the query.
  • the deep web extraction engine feeds the gathered information back to the cyber risk analysis engine, which performs assessments using machine learning algorithms to assess risks due to both accidental causes and malicious activity.
  • the results from the risk analysis are fed back to the underwriting processor, which uses those results to perform automated underwriting management.
  • a method for autonomously issuing and managing insurance policies for computer and information technology related risks comprising the steps of: (a) providing a network-connected portal for clients to manage their insurance policies; (b) gathering a variety of data about a plurality of potential risks related to use of computer and information technology; (c) analyzing the likelihood of business interruption or loss from a plurality of computer and information technology related risks; (d) creating a contract block by compiling the request into a computational graph-based format, with an automated underwriting processor; (e) linking the contract block to the requester, with the automated underwriting processor; (f) storing the contract block into memory, with the automated underwriting processor; (g) retrieving a plurality of available underwriting agreements from memory, with the automated underwriting processor; (h) creating an offer list by performing computational graph operations on the contract block to determine at least a risk-transfer agreement based at least on calculated risk associated with the request, contextual consideration of an existing contract portfolio, and the plurality of available underwriting agreements,
  • FIG. 1 is a diagram of an exemplary architecture of a business operating system according to an embodiment of the invention.
  • Fig. 2 is a flow diagram of an exemplary function of the business operating system in the calculation of asset hazard and risk in relationship to premium fixation informed by the existing risk accumulated in existing contracts (without loss of generality, across many perils) in a given portfolio.
  • Fig. 3 is a process diagram showing business operating system functions in use to present comprehensive data and estimate driven predictive recommendations in emerging insurance markets using several possible presentation model formats.
  • FIG. 4 is a process flow diagram of a possible role in a more generalized insurance workflow as per one embodiment of the invention.
  • Fig. 5 is a diagram of an indexed global tile module as per one embodiment of the invention.
  • Fig. 6 is a flow diagram illustrating the function of the indexed global tile module as per one embodiment of the invention.
  • Fig. 7 is a block diagram of an exemplary contract block as used in various embodiments of the invention.
  • FIG. 8 is a block diagram illustrating an exemplary automated insurance administration system as used in various embodiments of the invention.
  • Fig. 9 is a flow chart illustrating a method for creating a contract block as used in various embodiments of the invention.
  • Fig. 10 is a flow chart illustrating a method for automated processing of a request for underwriting as used in various embodiments of the invention.
  • Fig. 11 is a flow chart illustrating a method for automated claims processing as used in various embodiments of the invention.
  • Fig. 12 is a block diagram illustrating an aspect of the invention, the cyber risk analysis engine.
  • Fig. 13 is a flow chart illustrating a method for automated issuance and management of insurance policies related to computer and information technology related risks as used in various embodiments of the invention.
  • Fig. 14 is a diagram illustrating an aspect of an embodiment, a propensity to be attacked (PTBA) matrix.
  • Fig. 15 is a diagram illustrating an aspect of an embodiment, a threat profile matrix.
  • FIG. 16 is a block diagram illustrating an exemplary hardware architecture of a computing device used in various embodiments of the invention.
  • FIG. 17 is a block diagram illustrating an exemplary logical architecture for a client device, according to various embodiments of the invention.
  • Fig. 18 is a block diagram illustrating an exemplary architectural arrangement of clients, servers, and external services, according to various embodiments of the invention.
  • Fig. 19 is another block diagram illustrating an exemplary hardware architecture of a computing device used in various embodiments of the invention.
  • the inventor has conceived, and reduced to practice, a system and method for autonomous issuance and management of insurance policies for business interruption and loss associated with computer and information technology related risks, including but not limited to: system availability, cloud computing failures, current and past data breaches, data integrity issues, denial of service attacks, and other accidental events and malicious activity.
  • Devices that are in communication with each other need not be in continuous communication with each other, unless expressly specified otherwise.
  • devices that are in communication with each other may communicate directly or indirectly through one or more communication means or intermediaries, logical or physical.
  • steps may be performed simultaneously despite being described or implied as occurring non-simultaneously (e.g., because one step is described after the other step).
  • the illustration of a process by its depiction in a drawing does not imply that the illustrated process is exclusive of other variations and modifications thereto, does not imply that the illustrated process or any of its steps are necessary to one or more of the aspects, and does not imply that the illustrated process is preferred.
  • steps are generally described once per aspect, but this does not mean they must occur once, or that they may only occur once each time a process, method, or algorithm is carried out or executed. Some steps may be omitted in some aspects or some occurrences, or some steps may be executed more than once in a given aspect or occurrence.
  • AI (artificial intelligence): a computer system or component that has been programmed in such a way that it mimics some aspect or aspects of cognitive functions that humans associate with human intelligence, such as learning, problem solving, and decision-making.
  • Examples of current AI technologies include understanding human speech, competing successfully in strategic games such as chess and Go, autonomous operation of vehicles, complex simulations, and interpretation of complex data such as images and video.
  • Machine learning as used herein is an aspect of artificial intelligence in which the computer system or component can modify its behavior or understanding without being explicitly programmed to do so.
  • Machine learning algorithms develop models of behavior or understanding based on information fed to them as training sets, and can modify those models based on new incoming information.
  • An example of a machine learning algorithm is AlphaGo, the first computer program to defeat a human world champion in the game of Go. AlphaGo was not explicitly programmed to play Go. It was fed millions of games of Go, and developed its own model of the game and strategies of play.
  • “graph” is a representation of information and relationships, where each primary unit of information makes up a “node” or “vertex” of the graph and the relationship between two nodes makes up an edge of the graph.
  • the concept of “node” as used herein can be quite general; nodes are elements of a workflow that produce data output (or other side effects to include internal data changes), and nodes may be for example (but not limited to) data stores that are queried or transformations that return the result of arbitrary operations over input data. Nodes can be further qualified by the connection of one or more descriptors or “properties” to that node.
  • qualifying properties might be “183 cm tall”, “DOB 08/13/1965” and “speaks English”. Similar to the use of properties to further describe the information in a node, a relationship between two nodes that forms an edge can be qualified using a “label”.
  • transformation graphs which are highly variable in size and node, edge composition as the system processes data streams.
  • transformation graph may assume many shapes and sizes with a vast topography of edge relationships. The examples given were chosen for illustrative purposes only and represent a small number of the simplest of possibilities. These examples should not be taken to define the possible graphs expected as part of operation of the invention.
  • transformation is a function performed on zero or more streams of input data which results in a single stream of output which may or may not then be used as input for another transformation. Transformations may comprise any combination of machine, human or machine-human interactions. Transformations need not change data that enters them; one example of this type of transformation would be a storage transformation which would receive input and then act as a queue for that data for subsequent transformations. As implied above, a specific transformation may generate output data in the absence of input data. A time stamp serves as an example. In the invention, transformations are placed into pipelines such that the output of one transformation may serve as an input for another. These pipelines can consist of two or more transformations with the number of transformations limited only by the resources of the system.
  • transformation pipelines have been linear with each transformation in the pipeline receiving input from one antecedent and providing output to one subsequent with no branching or iteration.
  • Other pipeline configurations are possible.
  • the invention is designed to permit several of these configurations including, but not limited to: linear, afferent branch, efferent branch and cyclical.
  • A “database” or “data storage subsystem” (these terms may be considered substantially synonymous), as used herein, is a system adapted for the long-term storage, indexing, and retrieval of data, the retrieval typically being via some sort of querying interface or language.
  • “Database” may be used to refer to relational database management systems known in the art, but should not be considered to be limited to such systems.
  • Many alternative database or data storage system technologies have been, and indeed are being, introduced in the art, including but not limited to distributed non-relational data storage systems such as Hadoop, column-oriented databases, in-memory databases, and the like.
  • any data storage architecture may be used according to the aspects.
  • one or more particular data storage needs are described as being satisfied by separate components (for example, an expanded private capital markets database and a configuration database), these descriptions refer to functional uses of data storage systems and do not refer to their physical architecture.
  • any group of data storage systems of databases referred to herein may be included together in a single database management system operating on a single machine, or they may be included in a single database management system operating on a cluster of machines as is known in the art.
  • any single database (such as an expanded private capital markets database) may be implemented on a single machine, on a set of machines using clustering technology, on several machines connected by one or more messaging systems known in the art, or in a master/slave arrangement common in the art.
  • A “data context”, as used herein, refers to a set of arguments identifying the location of data. This could be a Rabbit queue, a .csv file in cloud-based storage, or any other such location reference except a single event or record. Activities may pass either events or data contexts to each other for processing. The nature of a pipeline allows for direct information passing between activities, and data locations or files do not need to be predetermined at pipeline start.
  • Each batch activity may contain a “source” data context (this may be a streaming context if the upstream activities are streaming), and a “destination” data context (which is passed to the next activity).
  • Streaming activities may have an optional “destination” streaming data context (optional meaning: caching/persistence of events vs. ephemeral), though this should not be part of the initial implementation.
  • Fig. 1 is a diagram of an exemplary architecture of a business operating system 100 according to an embodiment of the invention.
  • Directed computational graph module 155 retrieves one or more streams of data from a plurality of sources, which includes, but is not limited to, a plurality of physical sensors, network service providers, web based questionnaires and surveys, monitoring of electronic infrastructure, crowd sourcing campaigns, and human input device information.
  • data may be split into two identical streams in a specialized pre-programmed data pipeline 155a, wherein one sub-stream may be sent for batch processing and storage while the other sub-stream may be reformatted for transformation pipeline analysis.
  • the data may be then transferred to a general transformer service module 160 for linear data transformation as part of analysis or the decomposable transformer service module 150 for branching or iterative transformations that are part of analysis.
  • Directed computational graph module 155 represents all data as directed graphs where the transformations are nodes and the result messages between transformations edges of the graph.
  • High-volume web crawling module 115 may use multiple server hosted preprogrammed web spiders which, while autonomously configured, may be deployed within a web scraping framework 115a of which SCRAPY™ is an example, to identify and retrieve data of interest from web based sources that are not well tagged by conventional web crawling technology.
  • Multiple dimension time series data store module 120 may receive streaming data from a large plurality of sensors that may be of several different types.
  • Multiple dimension time series data store module 120 may also store any time series data encountered by system 100 such as, but not limited to, environmental factors at insured client infrastructure sites, component sensor readings and system logs of some or all insured client equipment, weather and catastrophic event reports for regions an insured client occupies, political communiques and/or news from regions hosting insured client infrastructure and network service information captures (such as, but not limited to, news, capital funding opportunities and financial feeds, and sales, market condition), and service related customer data.
  • Multiple dimension time series data store module 120 may accommodate irregular and high-volume surges by dynamically allotting network bandwidth and server processing channels to process the incoming data.
  • programming wrappers 120a for languages (examples of which may include, but are not limited to, C++, PERL, PYTHON, and ERLANG™) allow sophisticated programming logic to be added to default functions of multidimensional time series database 120 without intimate knowledge of the core programming, greatly extending breadth of function.
  • Data retrieved by multidimensional time series database 120 and high-volume web crawling module 115 may be further analyzed and transformed into task-optimized results by directed computational graph 155 and associated general transformer service 160 and decomposable transformer service 150 modules.
  • data from the multidimensional time series database and high-volume web crawling modules may be sent, often with scripted cuing information determining important vertices 145a, to graph stack service module 145 which, employing standardized protocols for converting streams of information into graph
  • graph stack service module 145 represents data in graphical form influenced by any pre-determined scripted modifications 145a and stores it in a graph-based data store 145b such as GIRAPH™ or a key-value pair type data store REDIS™ or RIAK™, any of which are suitable for storing graph-based information.
  • Results of the transformative analysis process may then be combined with further client directives, additional business rules and practices relevant to the analysis and situational information external to the data already available in automated planning service module 130, which also runs powerful information theory-based predictive statistics functions and machine learning algorithms 130a to allow future trends and outcomes to be rapidly forecast based upon the current system derived results and choosing each a plurality of possible business decisions. Then, using all or most available data, automated planning service module 130 may propose business decisions most likely to result in favorable business outcomes with a usably high level of certainty.
  • action outcome simulation module 125 with a discrete event simulator programming module 125a coupled with an end user-facing observation and state estimation service 140, which is highly scriptable 140b as circumstances require and has a game engine 140a to more realistically stage possible outcomes of business decisions under consideration, allows business decision makers to investigate the probable outcomes of choosing one pending course of action over another based upon analysis of the current available data.
  • a significant proportion of the data that is retrieved and transformed by the business operating system, both in real world analyses and as predictive simulations that build upon intelligent extrapolations of real world data, may include a geospatial component.
  • the indexed global tile module 170 and its associated geo tile manager 170a may manage externally available, standardized geospatial tiles and may enable other components of the business operating system, through programming methods, to access and manipulate meta-information associated with geospatial tiles and stored by the system.
  • the business operating system may manipulate this component over the time frame of an analysis and potentially beyond such that, in addition to other discriminators, the data is also tagged, or indexed, with their coordinates of origin on the globe. This may allow the system to better integrate and store analysis specific information with all available information within the same geographical region. Such ability makes possible not only another layer of transformative capability, but may greatly augment presentation of data by anchoring to geographic images including satellite imagery and superimposed maps both during presentation of real world data and simulation runs.
  • Fig. 2 is a flow diagram of an exemplary function 200 of the business operating system in the calculation of asset hazard and risk in relationship to premium fixation.
  • the prospect of a new insurance customer is presented at step 201.
  • Several pieces of data combine to produce an insurance relationship that optimally serves both customer and insurer. All of this data must be cleanly analyzed not only individually but also as a whole, combined in multiple permutations and with the ability to uncover hard to foresee relationships and future possible pitfalls.
  • the business operating system 100 previously disclosed in co-pending application serial number 15/141,752 and applied in a role of cybersecurity in co-pending application serial number 15/237,625, when programmed to operate as an insurance decision platform, is very well suited to perform advanced predictive analytics and predictive simulations to produce risk predictions required by actuaries and underwriters to generate accurate tables for later pricing at step 202.
  • Data forming the basis of these calculations may be drawn from a set comprising at least: inspection and audit data on the condition and worth of the customer’s equipment and infrastructure to be insured at step 203; known and probable physical risks to customer’s assets such as but not limited to: flooding, volcanic eruption, wildfires, tornado activity, hurricane or typhoon, earthquake among other similar dangers known to those skilled in the art at step 205; non-physical risks to customer’s assets which may include, but are not limited to: electronic or cyberattack, and defective operating software as well as other similar risks known to those skilled in the field at step 207; and geographical risks, which may include but are not limited to: political and economic unrest, crime rates, government actions, and escalation of regional tensions at step 206.
  • The generation of detailed risk prediction data during step 209, which may have granularity to every unit of equipment possessed and each structure as well as support land and services of each area of infrastructure as would be known to those skilled in the field, is of great value on its own and its display at step 211, possibly in several presentation formats prepared at step 210 for different insurer groups may be needed, for example as a strong basis for the work of actuaries and underwriters to derive risk cost tables and guides, among multiple other groups who may be known to those skilled in the field.
  • expert risk-cost data may be input at step 211, system formatted and cleaned at step 210 and added to the system generated risk prediction data, along with contributions by other insurer employed groups to the data to be used in predictive calculation of business desirability of insuring the new venture and premium recommendations in steps 214 and 218.
  • Some factors that may be retrieved and employed by the system here are: to gather available market data for similar risk portfolios as pricing and insurer financial impact guidelines at step 213; all available data for all equipment and infrastructure to be insured may also be reanalyzed for accuracy, especially for replacement values which may fluctuate greatly and need to be adjusted intelligently to reflect that at step 212; the probabilities of multiple disaster payouts or cascading payouts between linked sites as well as other rare events or very rare events must be either predicted or explored and accounted for at step 217; an honest assessment of insurer company risk exposure tolerance as it is related to the possible customer’s specific variables must be considered for intelligent predictive recommendations to be made at step 216; also potential payout capital sources for the new venture must be investigated be they traditional in nature or alternative such as, but not limited to insurance linked security funds at step 219; again, the possibility of expert opinion data 215 should be available to the system during analysis and prediction of business desirability recommendations and premiums changed at step 218. All recommendations may be formatted at step 210 for specific groups within the insurer company and possibly portions for the prospective client and displayed for review at step 211.
  • Fig. 3 is a process diagram showing business operating system functions 300 in use to present comprehensive data and estimate driven predictive recommendations in emerging insurance markets using several possible presentation model formats. New insurance markets are continuously arising and the ability to profitably participate is of great importance.
  • An embodiment of the invention programmed to analyze insurance related data and recommend insurance decisions may greatly assist in development of a profitable pathway in new insurance opportunities. Retrieval or input of any prospective new field related data from a plurality of both public and available private or proprietary sources acts to seed the process at step 301, specific modules of the system such as the connector module 135 with its programmable messaging service 135a, the High volume web crawler 115 and the directed computational graph module 155, among possible others act to scrub format and normalize data at step 302 from many sources for use.
  • Actual data and estimates when combined may be further combined and predictively transformed by the insurance decision platform at step 307 to produce the most reliable model and recommendations possible to be considered by decision makers at the insurer such as actuaries, underwriters, financial officers and brokers to decide on the best path forward at step 308 without each of them having to have found and processed the data themselves which may have led to omissions and errors.
  • the system may continuously monitor all resulting data such that the model may be continuously improved by re running steps 309, 310, and 301; and both insurer profitability and insurance coverage for the client are best optimized.
  • Results may be formatted for display and manipulation via the analyst terminal 311 in several different ways a few of which include a hazard model at step 315 which defines arbitrary characteristics of potential disasters or loss-initiating events and their frequency, location and severity using analytics or modeling simulation. In this display model, single-event characteristics are enhanced with event-set generation tools.
  • a vulnerability model at step 316 which specifies the response of insured assets and areas of interest based on the magnitude of experienced events. This display model blends expert opinion with empirical data and extracted models and can be re-configured to accommodate custom weightings.
  • a financial model at step 317 which takes into account financial impact across all monitored assets and scenarios with each platform convolution while also considering portfolio-level losses and distributions.
  • This model provides data optimized for making informed business decisions using an expected probability curve and promotes consideration of tools such as the tail value-at-risk to understand exposures to large single-event losses.
  • a blended exposures and losses model at step 318 which operates under the knowledge that risks that may result in numerous losses concentrated in space and time are especially challenging.
  • the strong correlation between inland flooding, storm surge and wind damage from hurricanes is a canonical example.
  • This model optimizes the result data for display of multi-peril analysis to improve product development and introduction while balancing concerns related to correlated risk accumulation via modeling and named-peril risk transfer—even on all peril or multi-peril primary insurance products.
  • asset peril may be visualized by predicted occurrence probabilities which range from “high frequency events” at step 312 which are usually of low and estimable severity per single event, low in peril risk, which is most easily calculated, has an estimable frequency when analytics are used and may follow a Gaussian type 1 distribution; to “low frequency events” at step 313 which may be of high severity per single event engenders a catastrophic event risk which is calculable and may be at least partially mitigatable, is difficult to estimate in frequency and thus may require both predictive analytic and simulation
  • the processed data may be used as input to a fully autonomous system. One such system is discussed below in Fig. 8.
  • Fig. 4 is a process flow diagram of a possible role in a more generalized insurance workflow 400 as per one embodiment of the invention. It is important that any added computational capability, such as the SaaS insurance decision platform, integrate with the majority, if not all, of an insurer’s existing workflow while opening the business to new sources of information and predictive capabilities. With its programmable connector module 135 and messaging center 135a, the insurance decision platform 100 is pre-designed to retrieve and transform data from the APIs of virtually all industry standard software packages and can be programmed to retrieve information from other legacy or obscure sources as needed. As an example, data may even be entered as CSV and transformed, as a simplistic choice from the many possible formats known to one skilled in the art and which the platform is capable of handling, at step 401.
  • the platform may allow the client insurer to receive data dynamically from in-place at site sensors at insurance client sites or in various areas of interest at step 402 due to the multidimensional time series 120 data store which can be programmed to interpret and correctly normalize many data streams 120a.
  • Feeds from crowd sourced campaigns, satellites, and drones, sources which may not have been available to the insurer client in the past, can also be used as information sources, as can a plurality of insurance related data, both on the general web and from data service providers, which may also add to the full complement of data the insurer client can use for decision making.
  • the platform may transform and analyze the data with model and data driven algorithms which include but are not limited to ad hoc analytics, historical simulation, Monte Carlo exploration of the state space, extreme value theory and processes augmented by insurance expert input at step 403 as well as other techniques known to be useful in these circumstances by those knowledgeable in the art, for which the platform is highly, expressively programmable.
  • the output of system generated analyses and simulations such as estimated risk tolerances, underwriting guides, capital sourcing recommendations among many others known to those knowledgeable in the art may then be sent directly to dedicated displays or formatted by the connector module 135 and distributed to existing or legacy infrastructure solutions to optimize business unit interaction with new, advanced cross functional decision recommendations at step 404.
  • the processed data, instead of being presented to corporate decision makers, may be used as input to a fully autonomous system. One such system is discussed below in Fig. 8.
  • Fig. 5 is a diagram of an indexed global tile module 500 as per one embodiment of the invention.
  • a significant amount of the data transformed and simulated by the business operating system has an important geospatial component.
  • Indexed global tile module 170 allows both for the geo-tagging storage of data as retrieved by the system as a whole and for the manipulation and display of data using its geological data to augment the data’s usefulness in transformation, for example creating ties between two independently acquired data points to more fully explain a phenomenon; or in the display of real world, or simulated results in their correct geospatial context for greatly increased visual comprehension and memorability.
  • Indexed global tile module 170 may consist of a geospatial index information management module which retrieves indexed geospatial tiles from a cloud-based source 510, 520 known to those skilled in the art, and may also retrieve available geospatially indexed map overlays from a geospatially indexed map overlay source 530 known to those skilled in the art. Tiles and their overlays, once retrieved, represent large amounts of potentially reusable data and are therefore stored for a predetermined amount of time to allow rapid recall during one or more analyses on a temporal staging module 550.
  • a geospatial query processor interface 560 serves as a program interface between these system modules and geospatial index information management module 540 which fulfills the resource requests through specialized direct tile manipulation protocols, which for simplistic example may include “get tile xxx,” “zoom,” “rotate,” “crop,” “shape,” “stitch,” and “highlight” just to name a very few options known to those skilled in the field.
  • the geospatial index information management module may control the assignment of geospatial data and the running transforming functions to one or more swimlanes to expedite timely completion and correct storage of the resultant data with associated geotags.
  • the transformed tiles with all associated transformation tagging may be stored in a geospatially tagged event data store 570 for future review.
  • just the geotagged transformation data or geotagged tile views may be stored for future retrieval of the actual tile and review depending on the need and circumstance.
  • time series data from specific geographical locations are stored in multidimensional time series data store 120 with geo-tags provided by geospatial index information management module 540.
  • Fig. 6 is a flow diagram illustrating the function 600 of the indexed global tile module as per one embodiment of the invention.
  • Predesignated, indexed geospatial tiles are retrieved from sources known to those skilled in the art at step 601. Available map overlay data, retrieved from one of multiple sources at step 603 known to those skilled in the art may be retrieved per user design.
  • the geospatial tiles may then be processed in one or more of a plurality of ways according to the design of the running analysis at step 602, at which time geo-tagged event or sensor data may be associated with the indexed tile at step 604. Data relating to tile processing, which may include the tile itself is then stored for later review or analysis at step 607.
  • the geo data, in part, or in its entirety may be used in one or more transformations that are part of a real-world data presentation at step 605.
  • the geo-data in part or in its entirety may be used in one or more transformations that are part of a simulation at step 606.
  • At least some of the geospatial data may be used in an analyst determined direct visual presentation or may be formatted and transmitted for use in third party solutions at step 608.
  • a system configured to use business operating system 100 for insurance applications may be further configured to autonomously operate and manage various aspects of an insurance company.
  • the autonomous system may use a domain specific language to embody contracts.
  • Fig. 7 is a block diagram of an exemplary contract block 700 as used in various embodiments of the invention.
  • Contract block 700 may define a financially-backed contractual agreement using a contract definition language (CDL), used herein as a declarative specification domain-specific computer language for a contract.
  • contract block 700 is not limited to only insurance purposes, as used in these disclosed embodiments, but may be used for any contractually-binding financial obligations such as a work contract, a purchase contract, and the like.
  • the inherent uniformity may negate the need for manually formalizing the contract information, and may also contribute to increased efficiency when used in autonomous processes, for instance, when used as input data for a machine learning model.
  • Contract block 700 may comprise information such as, but is not limited to, contract terms 705, conditions of a contract 710, programmatic operation instructions 715, relevant laws 720, general data 725, risk characterization 730, and the like all expressed using the CDL.
  • An instance of a contract block 700 may be created for each policyholder, or for each policy, depending on configuration and requirements, and may be stored into memory for later retrieval.
  • a front-end may be provided to access a contract block in human-readable form, and allow for changes to be made to the compiled information.
  • Contract terms 705 may define what is covered under a particular contract, as well as information on the contract holder. For instance, the terms may dictate that a certain home, or a certain business is protected from damages caused by a fire.
  • Conditions 710 may define conditions or triggers that may be required before the contract takes effect. This may be based on one or more conditions such as triggering of on-premise sensors; naturally occurring events, such as a storm or flood; time-based; satellite or drone imagery; and the like. Conditions 710 may also trigger programmatic operation instructions 715, which are discussed below.
  • a home or business may have sensors, such as a smoke detector or a specialized sensor installed to detect heat damage, installed on the premises of the home or business to detect a fire. In the event of a fire, the smoke detector and the sensor may be triggered, which may in turn trigger a request to be automatically sent to a satellite or drone image provider for visual confirmation of damages.
  • Programmatic operation instructions 715 may be built-in or user-defined programmable instructions embedded into each instance of a contract block. Instructions may include automatically processing payouts when certain conditions or triggers occur; occasional automatic reanalysis of a contract to take into consideration changes in things like laws, regulations, and pricing; automatic modeling and projection of losses; submitting queries to other components or external services; and the like.
  • Relevant laws 720 may comprise data based on laws and regulations relevant to a particular contract.
  • Relevant information may include business-based or geography based regulatory rules, local laws, and the like. This may allow other components to quickly retrieve data for calculations in which laws and regulations play an integral part.
  • the data may be automatically updated with programmatic operation instructions 715.
  • General data 725 may be general data pertaining to the contract such as, but is not limited to, property information, such as appraised value or history; a policyholder’s medical records; and the like. Similar to relevant laws 720, general data 725 may allow other components to quickly retrieve data when such data is required.
  • Risk characterization 730 may be risk independently characterized using operations and data within contract block 700. By preprocessing the risk characterization, external processes may remain peril- and model-agnostic when processing the contract block; for example, when used in a rules engine, which is discussed further below.
  • Fig. 8 is a block diagram illustrating an exemplary automated insurance administration system 800 as used in various embodiments of the invention.
  • System 800 may comprise a plurality of components: an underwriting processor 805, a claims processor 810, a marketing manager 815, an event impact forecaster 820, a risk manager 825, a fraud prevention manager 830, an asset manager 835, a reinsurance manager 840, and a billing and payments manager 845.
  • System 800 may utilize contract blocks throughout, and be configured with an application programming interface (API) specifically for reading and efficiently processing the CDL used in contract blocks.
  • Underwriting processor 805 may be configured to autonomously process requests for underwriting, and may be accessible from a computer or mobile device through a web portal or mobile application. Upon receiving an underwriting request, underwriting processor 805 may create a new instance of a contract block, described in Fig. 7, by compiling the provided information using the CDL. Underwriting processor 805 may comprise sub-routines to autonomously perform contract analysis such as a rules engine, a parametric evaluator, an optimizer, a portfolio constructer, and a model and geocoding service.
  • the rules engine may be configured from directed computation graph module 155, and may allow for evaluation of a contract or a plurality of contracts, which may be bundled into books or portfolios, using the associated transformer service modules.
  • the rules engine may evaluate the contracts via a forward-chaining battery of tests.
  • the selection of tests may be modular, and may comprise tests that are universal and applicable to a wide variety of contracts.
  • the results from the rules engine may be a list of offers labeled for rejection, underwrite, refer, or resubmit based on metrics such as legal risks, risk aggregation, risk accumulation, whether it fits into a particular portfolio, and the like.
  • rules engine may include, but is not limited to, validating contracts; verifying the legality of a request based on rules, laws, and regulations associated with locality and line of business; evaluation of contract-specific terms and requirements as specified in underwriting guidelines configured in the system; evaluation of peril-specific terms and requirements, such as geolocality restrictions; evaluation of portfolio impact; evaluation against projected deal flow; and the like.
  • the rules engine may validate specific terms, conditions, observables, or parameters expressed by the CDL via a deduction of facts derived from the contract block until a conclusion is reached.
  • the rules engine may also determine that a contract block is incomplete, such as in a case of inconclusive results from the deduction of facts, and may require a requester to resubmit his request with additional information.
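
The forward-chaining evaluation described above, sketched in Python as an added example (it is not code from the patent or from any product). The contract block is constructed sample data whose section names follow contract block 700; the keys inside each section, the two thresholds and the rule set are hypothetical and are not CDL.

```python
from dataclasses import dataclass
from typing import Callable

# Constructed contract block. Section names follow contract block 700 on this page;
# the keys inside each section, and all values, are hypothetical (this is not CDL).
COMPLETE_BLOCK = {
    "terms": {"line_of_business": "cyber-sme", "limit": 1_000_000},
    "relevant_laws": {"licensed_lines": ["cyber-sme", "property"]},
    "general_data": {"annual_revenue": 4_000_000},
    "risk_characterization": {"portfolio_accumulation": 0.18},
}

MAX_LIMIT_TO_REVENUE = 0.5   # hypothetical underwriting guideline
MAX_ACCUMULATION = 0.25      # hypothetical portfolio accumulation ceiling


@dataclass(frozen=True)
class Rule:
    name: str
    premises: frozenset               # facts that must already be known
    conclude: Callable[[dict], str]   # returns the new fact to assert


def _has(*paths):
    """Premises of the form 'this contract field is populated'."""
    return frozenset(f"has:{p}" for p in paths)


RULES = [
    Rule("legality", _has("terms.line_of_business", "relevant_laws.licensed_lines"),
         lambda b: "legal_ok" if b["terms"]["line_of_business"]
         in b["relevant_laws"]["licensed_lines"] else "legal_violation"),
    Rule("limit", _has("terms.limit", "general_data.annual_revenue"),
         lambda b: "limit_ok" if b["terms"]["limit"]
         <= MAX_LIMIT_TO_REVENUE * b["general_data"]["annual_revenue"]
         else "limit_excessive"),
    Rule("accumulation", _has("risk_characterization.portfolio_accumulation"),
         lambda b: "accumulation_ok"
         if b["risk_characterization"]["portfolio_accumulation"] <= MAX_ACCUMULATION
         else "accumulation_high"),
    # Rules below chain on derived facts only, never on the raw block.
    Rule("reject", frozenset({"legal_violation"}), lambda b: "label:reject"),
    Rule("refer_limit", frozenset({"legal_ok", "limit_excessive"}),
         lambda b: "label:refer"),
    Rule("refer_accumulation", frozenset({"legal_ok", "accumulation_high"}),
         lambda b: "label:refer"),
    Rule("underwrite", frozenset({"legal_ok", "limit_ok", "accumulation_ok"}),
         lambda b: "label:underwrite"),
]


def seed_facts(block):
    """One 'has:<section>.<key>' fact per populated field of the contract block."""
    return {f"has:{section}.{key}"
            for section, fields in block.items()
            for key, value in fields.items() if value is not None}


def evaluate(block, rules=RULES):
    """Forward-chain to a fixed point, then map the derived facts to one label."""
    facts, fired, pending = seed_facts(block), [], list(rules)
    progress = True
    while progress:
        progress = False
        for rule in list(pending):
            if rule.premises <= facts:          # all premises already deduced
                facts.add(rule.conclude(block))
                fired.append(rule.name)
                pending.remove(rule)            # each rule fires at most once
                progress = True
    labels = {f.split(":", 1)[1] for f in facts if f.startswith("label:")}
    for label in ("reject", "refer", "underwrite"):   # most restrictive wins
        if label in labels:
            return {"label": label, "fired": fired, "missing": []}
    # Inconclusive: report which contract fields the unfired rules were waiting on.
    missing = sorted({p for r in pending for p in r.premises
                      if p.startswith("has:") and p not in facts})
    return {"label": "resubmit", "fired": fired, "missing": missing}


if __name__ == "__main__":
    print(evaluate(COMPLETE_BLOCK))
```

An incomplete block does not raise an error; it ends in `resubmit` with the list of fields the requester still has to supply, which is the inconclusive case the text describes.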
  • the parametric evaluator may be configured from action outcome simulation module 125, and may explore possible product offerings based on requirements of an underwriting requester.
  • the parametric evaluator may run test submissions to the rules engine, and compile the outcome. Associated pricing may also be optionally included.
  • the parametric evaluator may also utilize machine learning models to process historic requests and decisions with similar contexts to determine other possible offerings.
  • the optimizer may be configured from automated planning service module 130.
  • the optimizer receives results from the parametric evaluator and further refines the offerings based on historical underwriting from one or more organizations, or one or more underwriters.
  • the optimizer may utilize machine learning models to further process the results from the parametric evaluator to develop an understanding of potential or desirable contracts or portfolios to underwrite, and use this development in optimization of future requests.
  • the portfolio constructer may be configured from observation and state estimation service 140, and may use a blend of rules and learning mechanisms to further refine the number of offers made to the requester.
  • the portfolio constructer may not focus on factors relating to rules evaluation, such as technical pricing and risk accumulation, and instead consider other factors such as deal flows, or pending requests from other requesters to determine the viability and profitability of certain deal based on the opportunity cost of underwriting a particular request.
  • the model and geocoding service may use peril-specific information from a contract block to model and evaluate the contract’s impact to a portfolio.
  • the model and geocoding service may additionally utilize index global tile module 170 to evaluate the loss impact of geography-related perils such as, chance of flooding, chance of major storms, chance of earthquakes, and the like.
  • the subroutines of underwriting processor 805 are not all required to be present on a single system, and may be split across a plurality of hardware systems, where each system may operate independently.
  • the subroutines may also not be configured as described above, and may instead be specialized stand-alone components; may be configured from different modules; may be an application-specific integrated circuit (ASIC) designed to perform the task; or the like.
  • Claims processor 810 may be configured to autonomously process insurance claims requests. Similar to underwriting processor 805, claims processor 810 may be accessed from a personal computer or mobile device through a web portal or mobile application. When an insured makes a claim request, system 800 may retrieve a contract block belonging to the insured, and may request information regarding the claim from the user, such as a picture or video of damages. Claims processor 810 may also use the data collecting functions of business operating system 100 to independently, and autonomously, gather other information regarding a claim, which may include, but is not limited to, getting multidimensional time series data from on-site sensors, making calls to insurance marketplaces, getting data from third party services like drones or satellite providers, acquiring medical records of the user, and the like. The collected data may then be processed using business operating system 100.
  • Claims processor 810 may also utilize fraud prevention manager 830, discussed below, to verify that the collected information is authentic, and has not been tampered with. If a user’s claim is approved, billing and payments manager 845, discussed below, may be used to handle payouts.
  • Marketing manager 815 may be configured to autonomously identify desirable underwriting criteria to maximize portfolio profitability. Marketing manager 815 may evaluate factors such as availability, reinsurance, pricing, associated risks, and the like.
  • Event impact forecaster 820 may be configured to automate proactive loss estimation. Event impact forecaster 820 may utilize business operating system 100 to collect data from sensors, exogenous data, claims submission, satellite imagery, drone footage, and the like. The data may then be processed using models to determine the extent of damages caused by an event, and predict loss. Event impact forecaster 820 may also call on asset manager 835, discussed below, to manage assets in order to handle the loss estimation. Event impact forecaster 820 may also be configured to provide automated payouts to insureds using billing and payments manager 845.
  • Risk manager 825 may be configured to autonomously quantify additional risks associated with insuring a particular policyholder. This may be based on, for example, legal risks, regulatory risks, compliancy, and the like. The metrics generated by risk manager 825 may be used by other processes when calculation of associated risks is required.
  • Fraud prevention manager 830 may be configured to autonomously detect and prevent malicious or anomalous activity, and serve as a general framework for fraud prevention and detection for system 800. In one application, fraud prevention manager 830 may be used to prevent system abuse by a malicious party by verifying collected information for authenticity via the robust data extraction and validation capabilities of business operating system 100. For example, a submitted picture may be validated using entropy analysis. Fraud prevention manager 830 may also be modular in nature so as to allow new models to be easily added to extend the algorithms used for detection and prevention of newly developed threats.
  • Fraud prevention manager 830 may also be configured to monitor an insured user’s activity while accessing their accounts for anomalies and unauthorized account access. Fraud prevention manager 830 may look for activity anomalies such as time of login, locations of login, anomalous purchases, adding unusual bank accounts or payment info, unusual interactions with the mobile application or web portal, and the like.
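
The account-activity checks listed above (time of login, location of login, unusual payment accounts), written as detection logic over a small event stream. This is an added example in Python, not the patent's implementation: the event format, the finding names, the one-hour tolerance and the 24-hour correlation window are assumptions, and all events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, user, action, detail).
# For "login" the detail is a country code ("ZZ" is a placeholder);
# for "add_bank_account" it is an account id.
BASELINE = [
    ("2019-02-25T08:10:00", "alice", "login", "US"),
    ("2019-02-26T09:02:00", "alice", "login", "US"),
    ("2019-02-27T18:40:00", "alice", "login", "US"),
    ("2019-02-27T18:45:00", "alice", "add_bank_account", "acct-1"),
    ("2019-02-25T13:00:00", "bob", "login", "GB"),
    ("2019-02-26T14:30:00", "bob", "login", "GB"),
]
NEW_EVENTS = [
    ("2019-03-04T03:12:00", "alice", "login", "ZZ"),
    ("2019-03-04T03:20:00", "alice", "add_bank_account", "acct-9"),
    ("2019-03-05T09:05:00", "alice", "login", "US"),
    ("2019-03-05T13:40:00", "bob", "login", "GB"),
    ("2019-03-05T13:45:00", "bob", "add_bank_account", "acct-4"),
]


def build_profile(events):
    """Per-user baseline: hours and countries of past logins, known payout accounts."""
    profile = defaultdict(lambda: {"hours": set(), "countries": set(), "accounts": set()})
    for ts, user, action, detail in events:
        entry = profile[user]
        if action == "login":
            entry["hours"].add(datetime.fromisoformat(ts).hour)
            entry["countries"].add(detail)
        elif action == "add_bank_account":
            entry["accounts"].add(detail)
    return profile


def hour_is_usual(hour, known_hours, tolerance=1):
    """True if hour is within `tolerance` of a baseline hour, wrapping at midnight."""
    return any(min(abs(hour - h), 24 - abs(hour - h)) <= tolerance for h in known_hours)


def detect(profile, events, window=timedelta(hours=24)):
    """Return (timestamp, user, findings) for every event that deviates from baseline.

    A new payout account is escalated when it follows an anomalous login by the
    same user within `window`, since that sequence suggests account takeover.
    A user with no baseline has every login flagged.
    """
    last_flagged_login = {}
    alerts = []
    for ts, user, action, detail in sorted(events):   # ISO strings sort by time
        when = datetime.fromisoformat(ts)
        entry = profile[user]
        findings = []
        if action == "login":
            if not hour_is_usual(when.hour, entry["hours"]):
                findings.append("unusual_login_hour")
            if detail not in entry["countries"]:
                findings.append("new_login_location")
            if findings:
                last_flagged_login[user] = when
        elif action == "add_bank_account" and detail not in entry["accounts"]:
            findings.append("new_payment_account")
            flagged = last_flagged_login.get(user)
            if flagged is not None and when - flagged <= window:
                findings.append("payment_change_after_anomalous_login")
        if findings:
            alerts.append((ts, user, findings))
    return alerts


if __name__ == "__main__":
    for alert in detect(build_profile(BASELINE), NEW_EVENTS):
        print(alert)
```

On the constructed data, bob's new account produces a single low-severity finding, while alice's identical action is escalated because it follows a login from an unseen location at an unusual hour.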
  • Asset manager 835 may be configured to autonomously manage an insurance company’s assets.
  • Asset manager 835 may maintain target asset distributions, volatilities and exposures, liquidity profiles, tax optimization, and dynamically modulate asset status based on expected liquid capital demands, risk status from forecasted losses, or exposures in live portfolios.
  • asset manager 835 may be configured to automatically move assets to a more liquid state if a major event, such as a natural disaster, is forecasted in anticipation of a surge of incoming claims.
  • asset manager 835 may also manage investments to maximize investment returns.
  • Reinsurance manager 840 may be configured to autonomously manage reinsurance through portfolio reanalysis, and pricing estimates for transferring selected risks to additional parties.
  • Reinsurance manager 840 may dynamically acquire, as well as cancel, reinsurance based on potential to take on new customers, cost of sharing selected risks, insurance-linked securities (ILS), capital market positions, present concentration of coverage in a particular area, and the like.
  • Different types of reinsurance may be combined to take advantage of changing availability and price expectations which may include, but is not limited to, quota share capacity, cat cover, per risk allocation per location or other definition, specific casualty treaties, ILS, and securitization via collateralized loan obligations.
  • Billing and payments manager 845 may be used to autonomously manage billing and payments functionality.
  • Billing and payments manager 845 may integrate with a payment processor such as STRIPE MARKETPLACE, credit card processors, Automated Clearing House (ACH), SWIFT payment network, and the like.
  • Billing and payments manager 845 may retrieve account information of a particular contract from the associated contract block and automatically process payments, and payouts using the account information.
  • billing and payments manager 845 may automatically start the process to deposit payout funds into a prepaid debit card, and have it mailed to an insured to cover losses.
  • Fig. 12 is a block diagram illustrating an aspect 1200 of the invention, the cyber risk analysis engine.
  • relevant information is sent in 1201 from the underwriting processor to the cyber risk analysis engine 1202.
  • a deep web extraction engine 1203 gathers a variety of near real-time information from a plurality of online sources related to the status of networks, availability of cloud computing platforms, active and potential cyber attacks, and other information relevant to the query.
  • the deep web extraction engine 1203 feeds the gathered information back to the cyber risk analysis engine 1202, which performs assessments using machine learning algorithms to assess risks due to both accidental causes 1204 and malicious activity 1205.
  • the results from the risk analysis are fed back 1206 to the underwriting processor, which uses those results to perform automated underwriting management.
  • Fig. 9 is a flow chart illustrating a method 900 for creating a contract block as used in various embodiments of the invention.
  • a user submits a request for underwriting. This may be accomplished through a web portal, a mobile app provided by an insurer, and the like.
  • the data provided by the user may be compiled into a contract block, which is explained in further detail in Fig. 7.
  • the compiling may be done by the server providing the request form, or the data may be transferred to another device for compiling. In some embodiments, additional data may be gathered by the system to be compiled, such as property records, insurance records, laws and regulations associated with the request, and the like.
  • the newly created contract block is transferred to an underwriting processor for processing.
  • Fig. 10 is a flow chart illustrating a method 1000 for autonomous processing of a request for underwriting as used in various embodiments of the invention.
  • a newly created contract block is queued by the system to a parametric evaluator for processing.
  • a method for creating a contract block is described above in method 1000.
  • the parametric evaluator attempts to underwrite using the rules engine.
  • the rules engine completes the underwriting evaluation by going through each offer and assessing metrics such as risks, regulations, laws, and the like.
  • Each offer may be labeled by the rules engine as to be rejected, underwritable, requires resubmission, or refer.
  • rules engine may be done efficient, as well as allow the rules engine to be peril- and model-agnostic. Results back to the parametric evaluator.
  • the rules engine may optionally consult with a peril-specific model and geocoder, if required in the evaluation. If any of the processed offers received a “refer” label, the offers may be optionally sent to a human operator to reevaluate at step 1010.
  • the parametric evaluator forwards the results to an optimizer.
  • the optimizer may use deep learning or reinforcement learning concepts to refine the results to just recommended offers based on historical underwriting and whether a contract is determined to be desirable for a particular portfolio, and forwards the optimized results to a portfolio constructer.
  • portfolio constructor may assess the business utility and value of the compiled offers, and compiles offers that have been approved through evaluation using a rule set.
  • human interaction, such as in the case of overriding an automated decision, may be used here to add offers to the list that have not been determined to be impossible to take on by the evaluation process.
  • the portfolio constructer presents the user with offers approved by the system with associated pricing.
  • the portfolio constructor may go through the optimizer for a final round of refinement before the offers are presented to the original requester.
  • the contract block may be stored into memory for future retrieval. For example, if a requester is shopping around for best pricing from different providers, the created contract block may be stored in memory and may be retrieved to be viewed at a later time. If the requester decides to take up on one or more offers, the system may change the status of the contract block.
  • Fig. 11 is a flow chart illustrating a method 1100 for automated claims processing as used in various embodiments of the invention.
  • submits a claim request to an automated insurance system. This may be after the user has provided credentials, and a contract block associated to the user has been retrieved by the system.
  • the system requests that the user provide data regarding the claim to the system, such as photos or videos of damages.
  • the system may begin to independently gather information, such as making automated calls to an insurance marketplace, requesting on-site verification from a third-party service such as a drone or satellite provider, retrieving data stored on the contract block, status of one or more sensors located at the property of the user, and the like.
  • the automated system may crowd-source verification from unaffiliated bystanders, or send a verified claims adjuster to the site.
  • steps 1106 and 1112 may be executed simultaneously, and operating in parallel, while in other cases one of the steps may occur at a later time.
  • the system verifies the user-submitted data by analyzing it with a fraud prevention manager, which is discussed above in Fig. 830.
  • the system determines whether more data is required from the user. If more data is required, the flow returns to step 1106, and the user is asked to provide more information.
  • This may be a result of the submitted data being unsatisfactory, such as a photo taken from a strange angle or blurry footage; or it may be a safeguard enacted by the fraud prevention manager after it has detected that the files provided by the user have been determined by the system to be anomalous or that the user’s monitored interaction with the insurance system has been determined to be anomalous.
  • the system analyzes the available data, both provided and gathered, to determine whether a payout to the user is warranted at step 1118.
  • the system may either approve or deny the claim request, along with an explanation for the decision if required at step 1124.
  • the data may be deferred to a human operator for further analysis at step 1127.
  • a report prepared by the system regarding the analysis may also be generated and submitted.
  • the system may be configured to provide automatic payout in the event of a claim request approval, which may utilize the billing and payments manager, which is discussed above.
  • Fig. 13 is a flow chart illustrating a method 1300 for automated issuance and management of insurance policies related to computer and information technology related risks as used in various embodiments of the invention, comprising the steps of: (a) providing a network-connected portal for clients to manage their insurance policies 1301; (b) gathering a variety of data about a plurality of potential risks related to use of computer and information technology 1302; (c) analyzing the likelihood of business interruption or loss from a plurality of computer and information technology related risks 1303; (d) creating a contract block by compiling the request into a computational graph-based format, with an automated underwriting processor 1304; (e) linking the contract block to the requester, with the automated underwriting processor 1305; (f) storing the contract block into memory, with the automated underwriting processor 1306; (g) retrieving a plurality of available underwriting agreements from memory, with the automated underwriting processor 1307; (h) creating an offer list by performing computational graph operations on the contract block to determine at least a risk-transfer agreement
  • Fig. 14 is a diagram illustrating an aspect of an embodiment, a propensity to be attacked (PTBA) matrix 1400 applicable to evaluating risk due to malicious actors. Not all insureds are equally likely to be attacked, and not all assets of a given insured are equally likely to be targeted.
  • the propensity to be attacked (PTBA) matrix breaks down the cyber underwriting decision making process granularly, providing assessments of the likelihood of attack based on the type of attacker 1401 and the client’s data assets 1402, and combining them into a resilience score for each category 1403. In the absence of actual business data, the system can use secondary metrics (e.g., industry type, firm size, etc.) to complete the matrix.
  • Fig. 15 is a diagram illustrating an aspect of an embodiment, a threat profile matrix 1500, applicable to evaluating risk due to malicious actors. Potential threats are organized by threat level 1501 from attacks by nation states (threat level 1) to attacks by individuals (threat level 8). Threats at each level are further classified by the level of commitment of the attacker 1502 and the resources available to the attacker 1503.
  • the techniques disclosed herein may be implemented on hardware or a combination of software and hardware. For example, they may be implemented in an operating system kernel, in a separate user process, in a library package bound into network applications, on a specially constructed machine, on an application-specific integrated circuit (ASIC), or on a network interface card.
  • Software/hardware hybrid implementations of at least some of the aspects disclosed herein may be implemented on a programmable network-resident machine (which should be understood to include intermittently connected network-aware machines) selectively activated or reconfigured by a computer program stored in memory.
  • Such network devices may have multiple network interfaces that may be configured or designed to utilize different types of network communication protocols.
  • a general architecture for some of these machines may be described herein in order to illustrate one or more exemplary means by which a given unit of functionality may be implemented.
  • At least some of the features or functionalities of the various aspects disclosed herein may be implemented on one or more general-purpose computers associated with one or more networks, such as for example an end-user computer system, a client computer, a network server or other server system, a mobile computing device (e.g., tablet computing device, mobile phone, smartphone, laptop, or other appropriate computing device), a consumer electronic device, a music player, or any other suitable electronic device, router, switch, or other suitable device, or any combination thereof.
  • at least some of the features or functionalities of the various aspects disclosed herein may be implemented in one or more virtualized computing environments (e.g., network computing clouds, virtual machines hosted on one or more physical computing machines, or other appropriate virtual environments).
  • FIG. 16 there is shown a block diagram depicting an exemplary computing device 10 suitable for implementing at least a portion of the features or functionalities disclosed herein.
  • Computing device 10 may be, for example, any one of the computing machines listed in the previous paragraph, or indeed any other electronic device capable of executing software- or hardware-based instructions according to one or more programs stored in memory.
  • Computing device 10 may be configured to communicate with a plurality of other computing devices, such as clients or servers, over communications networks such as a wide area network, a metropolitan area network, a local area network, a wireless network, the Internet, or any other network, using known protocols for such communication, whether wireless or wired.
  • computing device 10 includes one or more central processing units (CPU) 12, one or more interfaces 15, and one or more busses 14 (such as a peripheral component interconnect (PCI) bus).
  • CPU 12 may be responsible for implementing specific functions associated with the functions of a specifically configured computing device or machine.
  • a computing device 10 may be configured or designed to function as a server system utilizing CPU 12, local memory 11 and/or remote memory 16, and interface(s) 15.
  • CPU 12 may be caused to perform one or more of the different types of functions and/or operations under the control of software modules or components, which for example, may include an operating system and any appropriate applications software, drivers, and the like.
  • CPU 12 may include one or more processors 13 such as, for example, a processor from one of the Intel, ARM, Qualcomm, and AMD families of microprocessors.
  • processors 13 may include specially designed hardware such as application-specific integrated circuits (ASICs), electrically erasable programmable read-only memories (EEPROMs), field-programmable gate arrays (FPGAs), and so forth, for controlling operations of computing device 10.
  • a local memory 11 such as non-volatile random access memory (RAM) and/or read-only memory (ROM), including for example one or more levels of cached memory
  • Memory 11 may be used for a variety of purposes such as, for example, caching and/or storing data, programming instructions, and the like. It should be further appreciated that CPU 12 may be one of a variety of system-on-a-chip (SOC) type hardware that may include additional hardware such as memory or graphics processing chips, such as a QUALCOMM SNAPDRAGON™ or SAMSUNG EXYNOS™ CPU as are becoming increasingly common in the art, such as for use in mobile devices or integrated devices.
  • processor is not limited merely to those integrated circuits referred to in the art as a processor, a mobile processor, or a microprocessor, but broadly refers to a microcontroller, a microcomputer, a programmable logic controller, an application-specific integrated circuit, and any other programmable circuit.
  • interfaces 15 are provided as network interface cards (NICs).
  • NICs control the sending and receiving of data packets over a computer network; other types of interfaces 15 may for example support other peripherals used with computing device 10.
  • interfaces that may be provided are Ethernet interfaces, frame relay interfaces, cable interfaces, DSL interfaces, token ring interfaces, graphics interfaces, and the like.
  • interfaces may be provided such as, for example, universal serial bus (USB), Serial, Ethernet, FIREWIRE™, THUNDERBOLT™, PCI, parallel, radio frequency (RF), BLUETOOTH™, near-field communications (e.g., using near-field magnetics), 802.11 (WiFi), frame relay, TCP/IP, ISDN, fast Ethernet interfaces, Gigabit Ethernet interfaces, Serial ATA (SATA) or external SATA (ESATA) interfaces, high-definition multimedia interface (HDMI), digital visual interface (DVI), analog or digital audio interfaces, asynchronous transfer mode (ATM) interfaces, high-speed serial interface (HSSI) interfaces, Point of Sale (POS) interfaces, fiber data distributed interfaces (FDDIs), and the like.
  • Such interfaces 15 may include physical ports appropriate for communication with appropriate media. In some cases, they may also include an independent processor (such as a dedicated audio or video processor, as is common in the art for high-fidelity A/V hardware interfaces) and, in some instances, volatile and/or non-volatile memory (e.g., RAM).
  • FIG. 16 illustrates one specific architecture for a computing device 10 for implementing one or more of the aspects described herein, it is by no means the only device architecture on which at least a portion of the features and techniques described herein may be implemented.
  • architectures having one or any number of processors 13 may be used, and such processors 13 may be present in a single device or distributed among any number of devices.
  • a single processor 13 handles communications as well as routing computations, while in other aspects a separate dedicated communications processor may be provided.
  • different types of features or functionalities may be implemented in a system according to the aspect that includes a client device (such as a tablet device or smartphone running client software) and server systems (such as a server system described in more detail below).
  • the system of an aspect may employ one or more memories or memory modules (such as, for example, remote memory block 16 and local memory 11) configured to store data, program instructions for the general-purpose network operations, or other information relating to the functionality of the aspects described herein (or any combinations of the above).
  • Program instructions may control execution of or comprise an operating system and/or one or more applications, for example.
  • Memory 16 or memories 11, 16 may also be configured to store data structures, configuration data, encryption data, historical system operations information, or any other specific or generic non-program information described herein.
  • At least some network device aspects may include nontransitory machine-readable storage media, which, for example, may be configured or designed to store program instructions, state information, and the like for performing various operations described herein.
  • nontransitory machine-readable storage media include, but are not limited to, magnetic media such as hard disks, floppy disks, and magnetic tape; optical media such as CD-ROM disks; magneto-optical media such as optical disks, and hardware devices that are specially configured to store and perform program instructions, such as read-only memory devices (ROM), flash memory (as is common in mobile devices and integrated systems), solid state drives (SSD) and “hybrid SSD” storage drives that may combine physical components of solid state and hard disk drives in a single hardware device (as are becoming increasingly common in the art with regard to personal computers), memristor memory, random access memory (RAM), and the like.
  • such storage means may be integral and non-removable (such as RAM hardware modules that may be soldered onto a motherboard or otherwise integrated into an electronic device), or they may be removable such as swappable flash memory modules (such as “thumb drives” or other removable media designed for rapidly exchanging physical storage devices), “hot-swappable” hard disk drives or solid state drives, removable optical storage discs, or other such removable media, and that such integral and removable storage media may be utilized interchangeably.
  • program instructions include both object code, such as may be produced by a compiler, machine code, such as may be produced by an assembler or a linker, byte code, such as may be generated by for example a JAVA™ compiler and may be executed using a Java virtual machine or equivalent, or files containing higher level code that may be executed by the computer using an interpreter (for example, scripts written in Python, Perl, Ruby, Groovy, or any other scripting language).
  • systems may be implemented on a standalone computing system.
  • Computing device 20 includes processors 21 that may run software that carries out one or more functions or applications of aspects, such as for example a client application 24.
  • Processors 21 may carry out computing instructions under control of an operating system 22 such as, for example, a version of MICROSOFT WINDOWS™ operating system, APPLE macOS™ or iOS™ operating systems, some variety of the Linux operating system, ANDROID™ operating system, or the like.
  • one or more shared services 23 may be operable in system 20, and may be useful for providing common services to client applications 24.
  • Services 23 may for example be WINDOWS™ services, user-space common services in a Linux environment, or any other type of common service architecture used with operating system 21.
  • Input devices 28 may be of any type suitable for receiving user input, including for example a keyboard, touchscreen, microphone (for example, for voice input), mouse, touchpad, trackball, or any combination thereof.
  • Output devices 27 may be of any type suitable for providing output to one or more users, whether remote or local to system 20, and may include for example one or more screens for visual output, speakers, printers, or any combination thereof.
  • Memory 25 may be random-access memory having any structure and architecture known in the art, for use by processors 21, for example to run software.
  • Storage devices 26 may be any magnetic, optical, mechanical, memristor, or electrical storage device for storage of data in digital form (such as those described above, referring to Fig. 16). Examples of storage devices 26 include flash memory, magnetic hard drive, CD-ROM, and/or the like.
  • systems may be implemented on a distributed computing network, such as one having any number of clients and/or servers.
  • Fig. 18 there is shown a block diagram depicting an exemplary architecture 30 for implementing at least a portion of a system according to one aspect on a distributed computing network.
  • any number of clients 33 may be provided.
  • Each client 33 may run software for implementing client-side portions of a system; clients may comprise a system 20 such as that illustrated in Fig. 17.
  • any number of servers 32 may be provided for handling requests received from one or more clients 33.
  • Clients 33 and servers 32 may communicate with one another via one or more electronic networks 31, which may be in various aspects any of the Internet, a wide area network, a mobile telephony network (such as CDMA or GSM cellular networks), a wireless network (such as WiFi, WiMAX, LTE, and so forth), or a local area network (or indeed any network topology known in the art; the aspect does not prefer any one network topology over any other).
  • Networks 31 may be implemented using any known network protocols, including for example wired and/or wireless protocols.
  • servers 32 may call external services 37 when needed to obtain additional information, or to refer to additional data concerning a particular call.
  • external services 37 may take place, for example, via one or more networks 31.
  • external services 37 may comprise web-enabled services or functionality related to or installed on the hardware device itself.
  • client applications 24 may obtain information stored in a server system 32 in the cloud or on an external service 37 deployed on one or more of a particular enterprise’s or user’s premises.
  • clients 33 or servers 32 may make use of one or more specialized services or appliances that may be deployed locally or remotely across one or more networks 31.
  • one or more databases 34 may be used or referred to by one or more aspects.
  • databases 34 may be arranged in a wide variety of architectures and using a wide variety of data access and manipulation means.
  • one or more databases 34 may comprise a relational database system using a structured query language (SQL), while others may comprise an alternative data storage technology such as those referred to in the art as “NoSQL” (for example, HADOOP CASSANDRA™, GOOGLE BIGTABLE™, and so forth).
  • variant database architectures such as column-oriented databases, in-memory databases, clustered databases, distributed databases, or even flat file data repositories may be used according to the aspect.
  • database may refer to a physical database machine, a cluster of machines acting as a single database system, or a logical database within an overall database management system. Unless a specific meaning is specified for a given use of the term “database”, it should be construed to mean any of these senses of the word, all of which are understood as a plain meaning of the term “database” by those having ordinary skill in the art.
  • security and configuration management are common information technology (IT) and web functions, and some amount of each are generally associated with any IT or web systems. It should be understood by one having ordinary skill in the art that any configuration or security subsystems known in the art now or in the future may be used in conjunction with aspects without limitation, unless a specific security 36 or configuration system 35 or approach is specifically required by the description of any specific aspect.
  • Fig. 19 shows an exemplary overview of a computer system 40 as may be used in any of the various locations throughout the system. It is exemplary of any computer that may execute code to process data. Various modifications and changes may be made to computer system 40 without departing from the broader scope of the system and method disclosed herein.
  • Central processor unit (CPU) 41 is connected to bus 42, to which bus is also connected memory 43, nonvolatile memory 44, display 47, input/output (I/O) unit 48, and network interface card (NIC) 53.
  • I/O unit 48 may, typically, be connected to keyboard 49, pointing device 50, hard disk 52, and real-time clock 51.
  • NIC 53 connects to network 54, which may be the Internet or a local network, which local network may or may not have connections to the Internet.
  • power supply unit 45 connected, in this example, to a main alternating current (AC) supply 46.
  • functionality for implementing systems or methods of various aspects may be distributed among any number of client and/or server components.
  • various software modules may be implemented for performing various functions in connection with the system of any particular aspect, and such modules may be variously implemented to run on server and/or client components.
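
The propensity-to-be-attacked (PTBA) matrix described above for Fig. 14, sketched as an added example that is not taken from the patent. The attacker and asset labels, the prior values, and the rule that combines likelihoods into a resilience score (probability that no attacker type attacks, treating attacker types as independent) are all assumptions made for illustration.

```python
"""Added illustration of a PTBA matrix; labels, priors and the combining
rule are assumptions, not values or methods stated in the patent text."""
from math import prod

# Assumed row and column labels (the text names only "type of attacker"
# and "data assets").
ATTACKERS = ("nation_state", "organized_crime", "hacktivist", "insider")
ASSETS = ("customer_pii", "payment_data", "intellectual_property")

# Constructed secondary-metric priors: baseline annual attack likelihood per
# attacker type for an industry, scaled by a firm-size factor.
INDUSTRY_PRIOR = {
    "finance": {"nation_state": 0.05, "organized_crime": 0.30,
                "hacktivist": 0.10, "insider": 0.08},
    "retail": {"nation_state": 0.01, "organized_crime": 0.25,
               "hacktivist": 0.05, "insider": 0.10},
}
SIZE_FACTOR = {"small": 0.5, "medium": 1.0, "large": 1.5}


def complete_matrix(observed, industry, firm_size):
    """Return (matrix, imputed): the full attacker x asset likelihood matrix
    and the set of cells filled from secondary metrics, not business data."""
    if industry not in INDUSTRY_PRIOR or firm_size not in SIZE_FACTOR:
        raise ValueError("no secondary-metric prior for this industry/size")
    for (attacker, asset), p in observed.items():
        if attacker not in ATTACKERS or asset not in ASSETS:
            raise ValueError(f"unknown cell: {attacker}/{asset}")
        if not 0.0 <= p <= 1.0:  # also rejects NaN
            raise ValueError(f"likelihood out of range: {attacker}/{asset}")
    matrix, imputed = {}, set()
    for attacker in ATTACKERS:
        prior = min(1.0, INDUSTRY_PRIOR[industry][attacker]
                    * SIZE_FACTOR[firm_size])
        for asset in ASSETS:
            cell = (attacker, asset)
            if cell in observed:
                matrix[cell] = observed[cell]
            else:
                matrix[cell] = prior
                imputed.add(cell)
    return matrix, imputed


def resilience_by_asset(matrix):
    """Assumed combining rule: probability that no attacker type attacks
    the asset, with attacker types treated as independent."""
    return {asset: prod(1.0 - matrix[(a, asset)] for a in ATTACKERS)
            for asset in ASSETS}


def imputed_share(imputed):
    """Fraction of each asset column that rests on secondary metrics."""
    return {asset: sum((a, asset) in imputed for a in ATTACKERS)
            / len(ATTACKERS) for asset in ASSETS}


def assess(observed, industry, firm_size):
    """Score every asset category and report how much of it was imputed."""
    matrix, imputed = complete_matrix(observed, industry, firm_size)
    scores = resilience_by_asset(matrix)
    share = imputed_share(imputed)
    return {asset: {"resilience": round(scores[asset], 4),
                    "imputed_share": share[asset]} for asset in ASSETS}


# Constructed sample input: the insured supplied data for two cells only.
SAMPLE_OBSERVED = {
    ("organized_crime", "payment_data"): 0.5,
    ("insider", "payment_data"): 0.2,
}

if __name__ == "__main__":
    for asset, row in assess(SAMPLE_OBSERVED, "finance", "medium").items():
        print(f"{asset:22s} resilience={row['resilience']:.4f} "
              f"imputed={row['imputed_share']:.0%}")
```

Reporting the imputed share beside each score lets an underwriter see which categories rest on industry and firm-size proxies rather than on the insured's own data.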

Abstract

The invention relates to a system for the autonomous issuance and management of insurance policies for risks related to computing and information technology, including, among others, business losses due to system availability, cloud computing failures, current and past data, and data integrity issues. The system will use a wide variety of current risk information to assess the likelihood of business interruption or loss due to both accidental issues and malicious activity. Based on these assessments, the system is able to autonomously issue policies, adjust the best prices, process claims, and seek reimbursement opportunities with a minimum of human intervention.
PCT/US2019/020606 2018-03-04 2019-03-04 Platform for live issuance and management of cyber insurance policies WO2019173241A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2019231130A AU2019231130A1 (en) 2018-03-04 2019-03-04 Platform for live issuance and management of cyber insurance policies
EP19764222.6A EP3762893A4 (fr) 2018-03-04 2019-03-04 Platform for live issuance and management of cyber insurance policies

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/911,117 2018-03-04
US15/911,117 US10970787B2 (en) 2015-10-28 2018-03-04 Platform for live issuance and management of cyber insurance policies

Publications (1)

Publication Number Publication Date
WO2019173241A1 true WO2019173241A1 (fr) 2019-09-12

Family

ID=67846355

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2019/020606 WO2019173241A1 (fr) 2018-03-04 2019-03-04 Platform for live issuance and management of cyber insurance policies

Country Status (3)

Country Link
EP (1) EP3762893A4 (fr)
AU (1) AU2019231130A1 (fr)
WO (1) WO2019173241A1 (fr)

Also Published As

Publication number Publication date
AU2019231130A1 (en) 2020-11-05
EP3762893A1 (fr) 2021-01-13
EP3762893A4 (fr) 2021-12-29

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19764222

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2019764222

Country of ref document: EP

Effective date: 20201005

ENP Entry into the national phase

Ref document number: 2019231130

Country of ref document: AU

Date of ref document: 20190304

Kind code of ref document: A