Renewables Operator Saves on Cyber Insurance

Cyber Insurance buyer at a large Renewables IPP who has responsibility for dozens of sites in North America needed to understand the OT cyber risk at their Wind and Solar to buy the right cyber insurance policies.

The Challenge

Understanding a portfolio-level view of cyber risk exposure for renewable operating assets in wind and solar during cyber insurance renewal process.

The organization had rates increasing on their cyber insurance policy by 400% over a two-year span while their cyber coverage deceased by 40%.

The cyber insurance buyer and the director of cyber security had never worked together.

The CEO often used cyber insurance policy as a risk mitigation strategy to accept cyber risk in the company’s business model.

The Solution

DeRISK was deployed to a wind site in Texas to test the speed and accuracy of an automated OT cyber risk assessment with financial outputs.

  • Cybersecurity team and cyber insurance team started to share data across their organizations about existing policy, costs, and options of cyber insurance.
  • CFO enabled the review of the insurance policies before the renewal process to ensure that the correct cyber coverage was being procured.
  • After the cyber risk assessments were done on site the expected risk estimated costs at a 1 in 20 year event were shared with the cyber insurance team.

The Results

DeRISK was able to provide the client a detailed risk assessment explaining their overall cyber exposure and top risk components, helping to prove that the client’s insurance renewal process to buy cyber insurance get the CFO updated on the OT cyber risk on the balance sheet and the risk being transferred to cyber insurance.

DeRISK showed us our cyber insurance gaps in our coverage during renewal

The decision was made by the executive team to shift resources to liability cyber coverage instead of the property and causality cyber insurance that was being procured enabling true risk transfer.

DeRISK dashboard uncovered a significant risk exposure in the value at risk and where risk transfer to insurance would be most beneficial.

Expected Loss Breakdown

Probability and Expected Loss $'s

0 %

Probability of loss

0 M

Loss of productivity & downtime


Equipment damage

Expected Losses vs Site Revenue

0 %

Risk to revenue

0 %

Compared to industry average

Because of the nature of the customer’s operations as a renewable energy producer, an overwhelming majority of total risk comes from these top two cyber event types: (1) Loss of Productivity & Downtime (2) Equipment Damage makes up 79.9%.