Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

INSURANCE

Using Threat Intelligence to Minimise Cyber Insurance Risks

Using Threat Intelligence to Minimise Cyber Insurance Risks.

Cyber Liability Insurance is one of the fastest growing insurance products on the market today. While the product has been around for a number of years it has only recently starting to gain traction amongst IT and security professionals after a number of high-profile security breaches and the incoming General Data Protection Regulation, which will only see this market expand further.

If Cyber Insurance is the next addition to your service portfolio, or even a current product on your portfolio you need more understanding of the potential risks that a loss across a technology, sector or specific company may bring. Failing to fully understand your client’s risk either makes the policy too expensive, or makes you negligent, so which is it to be?

The challenge is that currently, there’s little market intelligence available to help you quantify the risk to your client’s infrastructure, their business or their clients. In fact there isn’t really anything that can genuinely help you understand the risk associated with a specific type of technology your client employs, or the latest threats to the industry sector in which they operate.

Likewise, there’s no model that helps you predict what or where the next breach might be, or to understand the financial impact to the insured’s business. So what can you do?

A Moving Target?

Given there is never likely to be a claim database that can help predict risk with a high degree of granularity (at least not reliably), like most of these kind of things, it is the human factor that takes away the majority of the predictability.

With the attack surface of organisations’ infrastructure continually changing, using past claim data as a means for predicting the future of cyber risk is the equivalent of trying to use a spoon to dig the next Channel Tunnel – you’re not going to get anywhere fast and by the time you get there, the UK might have left the EU.

This constant evolution of threats has created a latent need for continually monitoring a client’s exposure to risk, aligning this with changing threat profile and vulnerability exposure. Alongside these should sit factors such as geographic location, industry sector and technology type, and finally score each element against every other business connected to the internet– whether they’re on your books or not.

Applying a capability such as risk alerting, which helps inform your target market segment on a daily or hourly basis, creating awareness of risk change and potential claim aggregation scenarios is now a distinct possibility. And being able to accurately price based on all of these factors is both tangible and scalable.

Remodeling Insurance Risk

This model will soon become commonplace for the insurance sector. This type of analysis is already applied to other markets, giving organisations a real-time view of where they should improve their security and how best to invest scarce budget to achieve the biggest return – i.e. a robust, offensive security posture.

Entire market sectors and the infrastructure of whole nations have already been mapped out, providing an accurate and up-to-the-minute view of these rankings to CIOs and security chiefs, with the same framework now in place to fuel the cyber insurance market.

Ultimately this new model enables both insurance providers and their respective IT departments to better understand new trends in vulnerability exploitation and accurately predict how they could impact their organisations in an interconnected cyber insurance marketplace.

Pete Shoard, chief architect at cybersecurity service provider, SecureData

Continue Reading