Back arrow
Case Study April 30, 2024

Willis Towers Watson (WTW)



My name is Claudia Piccirilli.

I’m the Global Head of Data Science and Analytics for Global Phoenix within Willis Towers Watson.

Yeah. The data science and analytics team is responsible for developing new quantitative models and data science insights in order to support the brokerage. And so what we do is we look at all of the placements that our brokers have placed with clients.

We analyze that data, and we develop models that help our clients to understand what their cyber risk exposure is, to benchmark the cyber insurance that they’re buying relative to peers, And and then we also look at the trends, in in the buying patterns, and in what is being placed so that we can help clients and the brokers to better understand what might be coming in the future. I think that the easiest way I could describe how we’re measured is the extent to which the brokers are dependent upon the models that we develop and how dependent they are on the level of insights and analytics that we provide to them as they go to help clients in their renewals and new sales.

While I wasn’t present at the time that the evaluation of security ratings, vendors. I do know that they were looking for a SaaS product that had very rich data that we could leverage as part of what we’ll call our Data Lake, that is utilized in order for us to build our own cyber risk quantification model, which is called cyberquantify.

And the extent to which we felt our clients would be able to easily acknowledge and adapt to reviewing their security ratings relative to other vendors in the space. So we were using SecurityScorecard originally from two thousand nineteen in two ways. One way was just leveraging the security ratings themselves and the reports that security scorecard provides as we went to work with our renewal clients as well as with new prospects.

It helped them to understand the way the world was seeing their security rating, their cyber posture, in the form of a security rating.
The more important way that we were working with SecurityScorecard was integrating the security scorecard score into our cyber quantified product, where we help people to understand what their cyber risk exposure is. We have integrated security scorecard to a whole new level It is now the detailed findings, from security scorecard scans, along with data from our data lake, including our own claims, are taken into account to develop a very rich proprietary cyber risk profile, to support the client as one of the factors that goes into helping to identify what their cyber risk exposure is. So we’re really using it, to a whole new level with very rich data behind it.

There are a whole lot of things that have impressed me about our work with SecurityScorecard. I think some of the ones that are at the top of the list include, the fact that we can really show the detail behind why there might become certain concerns about a cyber risk profile and work with the client to say Is this realistic? What needs to be changed in order to get a valid rating? If they don’t feel that it’s valid, understanding what their digital footprint is is a key benefit because sometimes hygiene has been such that they haven’t cleansed that digital a print, and they’re not even aware that certain assets are being tagged as theirs.

We’ve just appreciated the relationship because as we’ve seen opportunities for new data, that could really enrich our cyber risk exposure and quantification.

When we’ve reached out to SecurityScorecard, very often we find that they’re able to address those without too much trouble. And that helps us to perfect our application to a whole new level.

I’d say the richness and professionalism with which that information is reported makes it easy for us to take that and work with our clients as we’re trying to help them with their renewal or their new sale.

But the improvements within the platform with things like benchmarking, custom scorecards, other types of reporting, all these new enhancements to the portal, have been tremendous as we provide complimentary access to our clients, to the SecurityScorecard platform. And they are able to help themselves to monitor what’s going on in their environment.