Total Tests:

The Wild West of the Nascent Cyber Insurance Industry

By Kevin Townsend for SecurityWeek
Friday, November 12, 2021

The logical extension to enquiring about security postures would be to start insisting on certain controls. This would be a large step too far. To be effective, it would require the insurance company to have the visibility of a CISO, the business understanding of the board, and the purse strings of the CFO within every insured company. This would be far too expensive for the insurer and far too intrusive for the customer. It is, quite simply, a non-runner.

Implementing continuous monitoring

A third approach would be for the insurance industry to base their premiums on recommendations from third-party security scanning companies – such as Qualys, BlueVoyant, ImmuniWeb, Outpost24, SecurityScorecard and many others. This could provide a form of continuous posture monitoring; something missing from both the audited security insurance standard and the questionnaire-based approaches. It also promises to be less intrusive and therefore more acceptable to the customer. The insurance company can simply say, our scans say you are weak in these areas: strengthen them and you will qualify for lower premiums. Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential