Cyber Risk Management Project (CyRiM)


About CyRiM

Cyber Risk is an emerging risk with new complexities that call for insurers and risk managers to jointly develop innovative solutions and tools, and enhance awareness and underwriting expertise.

The Cyber Risk Management (CyRiM) project is led by NTU-IRFRC in collaboration with industry partners and academic experts. CyRiM is a pre-competitive research project that aims to foster an efficient cyber risk insurance market place through engaging industry and academic experts guided by government and policy level research. The CyRiM project will help Singapore to become an industry centre of excellence on cyber risk and grow the cyber risk insurance market by promoting both the demand and the supply of insurance coverage.

  • ​​​​January 2019 - CyRiM Bashe Attack Report 

This report, ‘Bashe attack: Global infection by contagious malware’ explores a scenario in which companies’ devices are infected with malware that threatens to destroy or block access to files unless a ransom is paid. 

The attack is launched through an infected email, which once opened is forwarded to all contacts and within 24 hours encrypts all data on 30 million devices worldwide. Companies of all sizes would be forced to pay a ransom to decrypt their data or to replace their infected devices.  

The report estimates a cyber-attack on this scale could cost $193bn and affect more than 600,000 businesses worldwide.

Despite the high costs to business, the report shows the global economy is underprepared for such an attack with 86% of the total economic costs uninsured, leaving an insurance gap of $166bn.  

The report:

  • Analyses regional economic impacts in the US, Europe, Asia and the rest of the world.
  • Analyses the economic impacts by industry sector.
  • Challenges assumptions of how prepared the global economy is for a cyber-attack of this nature and scale.   
  • Highlights lessons for the insurance sector in terms of policy, legal and aggregation issues in cyber insurance products.   
  • Identifies opportunities for insurers to expand their business in insurance classes associated with ransomware attacks.  

The report is a publication from the Cyber Risk Management (CyRiM) project, the Singapore-based public-private initiative that assesses cyber risks.  

Download the report CyRiMBasheAttack_FINAL.pdfCyRiMBasheAttack_FINAL.pdf.

  • October 2019 - CyRiM Shen Attack Report

A single cyber attack on major ports across Asia-Pacific could cost $110 billion, which is roughly equivalent to half of all losses from natural catastrophes globally in 2018*. This is according to new research released today by Lloyd’s, the world’s (re)insurance market.

The report is a publication from the Cyber Risk Management (CyRiM) project, the Singapore-based public-private initiative that assesses cyber risks.

Download the report  CyRiM_ShenAttack_FinalReport.pdfCyRiM_ShenAttack_FinalReport.pdf