Big Companies Have An Achilles Heel

Uploaded on 2018-09-10 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Financial

A new survey from analytics firm FICO has found that the number of US companies with full-coverage cybersecurity insurance has skyrocketed from last year, while 24% still reported that they did not have any cyber insurance.

For those that remain uninsured, and the insurance companies with an eye on targeting these firms, a cybersecurity analytics platform has come up with a more effective way to price policies.

“From a cybersecurity perspective, when you’re an insurance company and you’re writing a policy for somebody, how do you charge them for it? We measure the risk and give them the metrics to charge for that policy,” said Steve Timmerman, VP of marketing and business development at RedSeal, which offers enterprise software that builds a model of a company’s network, identifies vulnerabilities, and provides a digital resiliency score that allows insurers to write a cyber premium based on that score.

It’s the larger entities that often need support in finding out where they have cybersecurity gaps.

“If you can keep track of your network on an Excel spreadsheet, you don’t need to buy enterprise software to do it,” said Timmerman, adding that RedSeal works with some of the biggest networks in the world. “These are the most complicated organisms on the planet now because they’ve been developed over 30 years by five different teams.”

The Internet of Things and a revolving door of new access points have made tracking a network’s structure and all of its at-risk points difficult, especially as many companies turn to cloud-based services that can potentially add to the problem.

“It’s those parts of the network that can be your Achilles’ heel because you don’t know they exist, you don’t manage those actively, and you may not scan them properly,” said Timmerman.

Recently, the cybersecurity company partnered with XL Catlin to reach its insureds. Based on how a client scores, the insurer can then update their policy to better reflect their risk profile.

“The idea is to provide both the insured, but also the underwriter and the broker, real information about how the network is operating, and that’s where the vacuum has been,” explained Timmerman. “There’s a lot of paper surveys [that ask companies] about your qualifications, what’s your philosophy about patching software, and those questions don’t even make sense,” especially since many risk managers are likely to respond with positive answers.

“We’re trying to inject more data into the decision about how underwriters measure and then price cyber insurance,” he told Insurance Business.

Insurance Business:

You Might Also Read:

Cyber Audits Can Save Businesses $1.5m:

« British Airways Fake Facebook Page
British Airways Data Breach »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

NextPlane

NextPlane

NextPlane provide secure real-time B2B unified communication and collaboration solutions within and across business systems.

Aviva

Aviva

Aviva provides Cyber Liability cover for small to mid-market customers to help combat the threat of data and privacy breach.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

ISA Global Cybersecurity Alliance (ISAGCA)

ISA Global Cybersecurity Alliance (ISAGCA)

Objectives of the ISA Global Cybersecurity Alliance include the acceleration and expansion of standards, certification, education programs, advocacy efforts, and thought leadership.

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

Wisetek

Wisetek

Wisetek is a global provider of end-to-end IT Asset Disposition (ITAD), reuse and secure data destruction management services to the world’s leading IT Corporations, data centres and manufacturers.

PlexTrac

PlexTrac

PlexTrac is a cybersecurity reporting and workflow management platform that supercharges security programs, making them more effective, efficient, and proactive.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Datastream Cyber Insurance

Datastream Cyber Insurance

DataStream Cyber Insurance is designed to give SMB’s across the US greater confidence in the face of increasing cyber attacks against the small and medium business community.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Hushmesh

Hushmesh

Hushmesh is a start-up aimed at securing the world’s digital infrastructure by developing develop the Mesh, a global information space with automated security built in.