Big Companies Have An Achilles Heel

A new survey from analytics firm FICO has found that the number of US companies with full-coverage cybersecurity insurance has skyrocketed from last year, while 24% still reported that they did not have any cyber insurance.

For those that remain uninsured, and the insurance companies with an eye on targeting these firms, a cybersecurity analytics platform has come up with a more effective way to price policies.

“From a cybersecurity perspective, when you’re an insurance company and you’re writing a policy for somebody, how do you charge them for it? We measure the risk and give them the metrics to charge for that policy,” said Steve Timmerman, VP of marketing and business development at RedSeal, which offers enterprise software that builds a model of a company’s network, identifies vulnerabilities, and provides a digital resiliency score that allows insurers to write a cyber premium based on that score.

It’s the larger entities that often need support in finding out where they have cybersecurity gaps.

“If you can keep track of your network on an Excel spreadsheet, you don’t need to buy enterprise software to do it,” said Timmerman, adding that RedSeal works with some of the biggest networks in the world. “These are the most complicated organisms on the planet now because they’ve been developed over 30 years by five different teams.”

The Internet of Things and a revolving door of new access points have made tracking a network’s structure and all of its at-risk points difficult, especially as many companies turn to cloud-based services that can potentially add to the problem.

“It’s those parts of the network that can be your Achilles’ heel because you don’t know they exist, you don’t manage those actively, and you may not scan them properly,” said Timmerman.

Recently, the cybersecurity company partnered with XL Catlin to reach its insureds. Based on how a client scores, the insurer can then update their policy to better reflect their risk profile.

“The idea is to provide both the insured, but also the underwriter and the broker, real information about how the network is operating, and that’s where the vacuum has been,” explained Timmerman. “There’s a lot of paper surveys [that ask companies] about your qualifications, what’s your philosophy about patching software, and those questions don’t even make sense,” especially since many risk managers are likely to respond with positive answers.

“We’re trying to inject more data into the decision about how underwriters measure and then price cyber insurance,” he told Insurance Business.

Insurance Business:

You Might Also Read:

Cyber Audits Can Save Businesses $1.5m:

« British Airways Fake Facebook Page
British Airways Data Breach »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perforce Software

Perforce Software

Perforce helps companies build complex software products more collaboratively, securely, and efficiently.

Mobile Guroo

Mobile Guroo

Mobile Guroo is a strategy and systems integrator for Enterprise Mobility Management projects.

Texplained

Texplained

Texplained specializes in security audits of microchips to identify vulnerabilities and protect against invasive cyber attacks.

OSIRIS Lab - NYU Tandon

OSIRIS Lab - NYU Tandon

The Offensive Security, Incident Response & Internet Security Lab (OSIRIS) is a security research environment where students analyze and understand how attackers take advantage of real systems.

Sangfor Technologies

Sangfor Technologies

Sangfor is a global leader of IT infrastructure, security solutions, and cloud computing.

Cyversity

Cyversity

Cyversity's mission (formerly ICMCP) is the consistent representation of women and underrepresented minorities in the cybersecurity industry.

Bio-Morphis

Bio-Morphis

Bio-Morphis Reflex solution is a paradigm shift in the approach to information systems security.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

Rayzone Group

Rayzone Group

Rayzone Group offers a wide range of Cyber Security solutions and services, providing hollistic protection suitable for both enterprises and National cyber security centers.

Balance Theory

Balance Theory

Balance Theory provides the knowledge infrastructure and collaboration center for the cybersecurity community. A networked community to build better cybersecurity outcomes.

VISO Cyber Security

VISO Cyber Security

VISO provide Cyber Security Consulting and CISO as a Service to companies who need to augment their leadership teams with information security expertise.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

Allot

Allot

Allot are a global provider of leading innovative network intelligence and security solutions for Service Providers and Enterprises worldwide.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.