Detailed understanding of risk is essential to the insurance industry, and the Science of Risk Prize is designed to challenge researchers and Lloyd’s insurers to stretch their thinking. Dr Dougal Goodman, Chair of the Prize Committee and Chief Executive of The Foundation for Science and Technology said: “The prize process has sent a strong signal to the research community that Lloyd’s is interested in research and finding new ways to apply it to improving underwriting”. Now in its sixth year, this year's academic community were invited to submit papers in one of the following two categories:

• Big data analytics and machine learning; and
• Cyber risk

The winners were announced on 25 November with the awards presented by Tom Bolt, Lloyd's Director of Performance Management.

Within the category of "cyber risk", Stefan Laube was awarded first prize for his paper on "Mandatory Security Information Sharing with Authorities: implications on investments in internal controls".The paper was prepared with co-author Rainer Böhme.

In a speech in the aftermath of the Paris attacks, UK Chancellor George Osborne ranked cyber alongside "guns, bombs and knives" as threats to UK security. Against such a backdrop, the work of Stefan Laube, Science of Risk winner in the "cyber risk" category, is timely and significant. He explained how effective cyber security can no longer be carried out within silos. Using the medical data breach at the health insurer Anthem earlier this year as an example, Stefan Laube illustrated how interdependence in economies can lead to what economists call negative externalities. “The security breach at Anthem did not only affect this particular health insurer. It also affected customers and other firms. These parties were only able to mitigate losses because Anthem shared information on its security breach.” Stefan Laube argued that externalities might justify laws that mandate firms to share security information with the government and that these laws change firms’ investment incentives. “Such initiatives must include incentive mechanism for firms to comply. If they work, they can strengthen security awareness, increase security spending and stimulate growth of a market for cyber insurance. But if incentives are misaligned, firms may over-spend on security, thereby stifling potential for innovation and growth.” He highlighted that the net effect of security information sharing with governments on firms’ cyber exposure is still largely unknown. “When firms share security information, the government can warn and advise other market participants. This may leverage the effectiveness of security investments and prevent breaches. However, we lack empirical evidence for this leverage effect while we know about costs and risks of sharing. Bottom line, cyber security is a race for information. You should only bring in parties who can deal with the pace and have a proven ability to give the defenders an edge.”

In their summary, the judges praised Laube's "excellent quality of research and relevance to the insurance industry".

More information on the Science of Risk Prize can be found here.