Get My Score

Cyber Insurance

A Security Risk Score for Cyber Insurance

 

A CyberPosture score to help insurers better match their cyber insurance policies across the full spectrum of assets of a client's hybrid infrastructure needing protection, with a goal of saving the enterprise money through better alignment to their business and their actual risk posture.


Solution Guide

The Struggle

In the evolving world of cybersecurity, enterprises need access to cyber insurance that accurately reflects their current security posture and that covers both direct and indirect expenses. The same challenge, of course, applies to the insurers issuing the policies. Unfortunately, the evolving threat landscape and rising incidents of attacks has created difficulty in matching packages with premiums, and as one CISO has stated, the current state of risk modeling is like “trying to use the count of arrests for a crime to figure out the dollar losses from theft.”

The traditional way of sending out in-depth questionnaires no longer meets the strategy of the digital enterprise for cyber insurance underwriting, and in fact, prospects are many times hesitant to answer unclear technical questions they fear may lead to denial of coverage, higher rates, or even denial of future claims. How can enterprises quickly, automatically, and without error or ambiguity provide evidence of the maturity of their information technology and information security programs?

The Solution

Cavirin’s CyberPosture Intelligence delivers a Cybersecurity score that reflects the organization’s current security posture across the hybrid cloud, spanning on-premise, AWS, Azure, and Google Cloud. For underwriting, the cyber insurance broker will conduct an assessment of an enterprise client, generating this score based on an evaluation against a wide set of compliance and best practice frameworks, as well as live monitoring where applicable. An enterprise receiving a cybersecurity insurance score will have in-hand the necessary guidance to conduct remediation action to raise their score, much like a driver is provided with guidance to improve their habits.

An insurer may instruct the enterprise to deploy the Cavirin solution, generating a score and providing it as part of the underwriting process. Alternatively, the insurer will operate the system on behalf of their enterprise clients, periodically or continually re-assessing. Ultimately, Cavirin’s solution, as well as others in this space, will help insurers better match their cyber insurance policies across the full spectrum of assets needing protection, with a goal of saving the enterprise money through better alignment to their business and their actual risk posture.

Outstanding Features

  • Continuous discovery, analysis, and remediation of assets, vulnerabilities, and compliance across complex IT infrastructures. 
  • A quicker and more accurate way of issuing liability policies, more accurate security benchmarking Cloud-agnostic architecture enables AWS security, GCP security, Azure security, Docker security, as well as on-premise supporting VMware and KVM security.
  • An agentless architecture provides a non-intrusive view into the prospect’s environment and is capable of running trusted, deep security scans across distributed infrastructures regardless of the topology.
  • Cybersecurity brokers may conduct assessments of their prospects, or alternatively, offer Cavirin as a managed service to develop more accurate underwriting and policy creation. 
  • Continuous assessments, so the broker has a real-time view, as needed, inside the risk posture of their customers, as opposed to just a snapshot in time.
  • Pre-loaded CIS Benchmarks and compliance regulation standards of 150 thousand tests, with single touch remediation and orchestration, to ensure security management and reduce the threat of a breach.

© 2018 Cavirin Systems, Inc. All rights reserved.