“Inside-out” analytics prove preventive security best practices
Tenable has added a Cyber Insurance Report within its Tenable Vulnerability Management solution, which summarizes exposure information relevant to cyber insurance providers in an effort to streamline the policy underwriting process for both insurers and customers. The Tenable Cyber Insurance Report will enable insurers, for the first time, to measure preventive security programs by sharing vulnerability data that resides within the firewall.
Tenable has also partnered with Measured Analytics and Insurance on a referral program that provides qualifying Tenable customers with savings on cyber insurance policies. The relationship represents a new data-driven model for the cyber insurance business, with tangible savings offered to customers.
In a hard market, with premiums rising, even obtaining a cyber insurance policy is no longer guaranteed. It can also be a lengthy process for organizations seeking coverage, with labor-intensive and inefficient applications often based on lengthy, manual surveys of external risk data, which are little more than an estimate of an organization’s true cyber risk profile.
Even for companies with strong cybersecurity practices, risk-averse underwriters may scrutinize the available information and delay what should be a quick process. With Tenable’s Cyber Insurance Report, customers can share data that shows the insurance companies in black and white detail that they maintain good security hygiene along important dimensions.
“Measured was founded on the principle that not just any data can be used to underwrite cyber insurance,” said Jack Vines, co-founder and CEO, Measured Insurance. “By enhancing our AI-driven underwriting models with ‘inside-out’ data from Tenable and other partners, we’re able to build a holistic understanding of a client’s risk profile, which often results in savings on cyber insurance. Our integrated partner approach provides distinctive insight on risk, making all participants more secure and cyber resilient.”
Measured Analytics and Insurance offers advantaged pricing to qualified applicants who have a Tenable Vulnerability Management license and hit appropriate thresholds in their Cyber Insurance Report. Prospects could also receive additional discounts per additional licensed Tenable solution.
An Ounce of Prevention
Incident response companies have become the go-to responder for insurance providers investigating claims, but little has been done to reduce exposure by helping prevent the issue. Reducing exposure to breaches is much less expensive and predictable than responding after the fact.
The Tenable Cyber Insurance Report provides a way for customers to quickly assess their exposure management proficiency. Reliable metrics that show how well prepared a company is to prevent a breach, rather than simply responding to one, are vastly preferable in the risk assessment process insurers have traditionally struggled with.
“Most of the focus to date on assessing cyber risk for cyber insurance policies has been on whether a company has an adequate breach detection and response capability. But incident response means something has already gone wrong,” said Ray Komar, vice president of technical alliances, Tenable. “There’s never been a way for insurers to measure preventive security, until now.”
Tenable’s Cyber Insurance Report is free and automatically available within customers’ Tenable Vulnerability Management account. Cyber insurance policies with Measured are available for qualifying customers in the U.S. only. Tenable will continue to work with insurance partners to further refine data sources and reporting as part of the ongoing program.