The Forrester Wave™: Cybersecurity Risk Ratings Platforms, Q2 2024
SecurityScorecard Joins Forces with Measured Analytics and Insurance to Deliver Industry-First Cyber Insurance Discounts for Top Security Ratings
Continuous cyber risk assessments with actionable threat mitigation plans reduce breach likelihood and financial vulnerability.
News Summary
- AI-powered cyber insurance mitigates business risk
- Cyber insurance study identifies 7 early indicators of cybersecurity breaches
- Alliance offers transparent cyber insurance pricing amid evolving threats
NEW YORK – Sept. 13, 2023 — SecurityScorecard today announced an alliance with Measured Analytics and Insurance, the AI-powered cyber insurance provider. The initiative delivers the first cyber insurance premium incentive (e.g., discounts) for Security Ratings.
“Together with SecurityScorecard, Measured is reimagining how organizations manage cybersecurity as a business risk,” said Jack Vines, CEO, Measured Insurance. “The dynamic threat landscape requires real-time risk assessment, best-in-class cybersecurity tools seamlessly integrated with comprehensive cyber insurance. SecurityScorecard sees what a threat actor sees, which allows us to deliver more accurate and responsive cyber insurance coverage and rates.”
Measured Insurance harnesses the power of proprietary AI data analytics and national security-grade threat intelligence to deliver a new generation of cyber insurance. The alliance between SecurityScorecard and Measured Insurance equips organizations with data-driven cyber risk insights to validate their defenses, prioritize investments, and strengthen proactive cybersecurity strategies.
Transparency in cyber insurance pricing
The cyber insurance landscape experienced a pivotal shift in 2022, with a 28% surge in cyber insurance premiums during Q4, as reported by Marsh, a leading cyber insurance broker. This surge in premiums reflects the escalating financial repercussions of cyber incidents, exemplified by a staggering $40 million payout for a single ransomware attack. These trends underscore the urgency for robust cyber risk management strategies.
Measured and SecurityScorecard enable organizations to effectively incorporate cyber insurance into their risk management strategy, even as insurance costs remain uncertain. This approach will also enable the procurement of cyber insurance as part of a broader program of corporate investment and enterprise risk management. Security Ratings are transparent and actionable, meaning organizations can clearly understand what they need to do to qualify for the premium incentives.
Backed by data: How SecurityScorecard predicts breaches
In the financial world, credit ratings serve as vital risk estimation tools. Inspired by this, the Marsh McLennan Global Cyber Risk Analytics Center and SecurityScorecard studied Security Ratings alongside cyber claims data. This research study identified seven factors predictive of breaches:
- Endpoint Security: Tracks identification points that are extracted from metadata related to the operating system, web browser, and related active plugins.
- Patching Cadence: Analyzes how quickly an organization installs security updates to measure vulnerability risk mitigation practices.
- Ransomware Score: Measure how susceptible the organization is to a ransomware attack.
- Network Security: Checks public datasets for evidence of high-risk or insecure open ports within the organization network.
- DNS Health: Measures the health and configuration of an organization’s DNS setting. It validates that no malicious events occurred in the passive DNS history of the organization’s network.
- IP Reputation: Make use of the SecurityScorecard sinkhole infrastructure as well as a blend of OSINT malware feeds and third-party threat intelligence data-sharing partnerships.
- Cubit Score: Measures a variety of security issues that an organization might have, e.g., checks public threat intelligence databases for IP addresses that have been flagged.
SecurityScorecard accurately models cyber risk so organizations can reduce risk while maximizing cyber insurance investments. SecurityScorecard continuously scans an organization’s attack surface. Then, it assigns a standardized score based on threat exposure and correlation to cyber incidents.
Benefits of the SecurityScorecard and Measured alliance include:
- Complimentary cyber risk assessment: SecurityScorecard identifies security gaps and factors that determine premium cost.
- Action plan to mitigate threat exposure: A data-driven, comprehensive plan ensures customers have a roadmap to qualify for the cyber insurance premium incentive (e.g., discount).
- Cybersecurity investment prioritization: SecurityScorecard pinpoints the most impactful security issues based on an organization’s unique attack surface to prioritize cybersecurity investments.
- Free cybersecurity ratings: SecurityScorecard is the only solution that offers free access to security ratings. Customers will always be able to monitor their threat exposure and premium incentive eligibility ahead of renewal and during the policy period.
With over 12 million organizations continuously rated, SecurityScorecard provides a concise, meaningful, and actionable cyber risk measurement. In fact, an extensive SecurityScorecard study found organizations with an A rating are 7.7x less likely to experience a breach.
“History shows that a cyber insurance policy alone is insufficient for mitigating threat exposure. Strong cybersecurity hygiene and cyber insurance must go hand in hand,” said Sachin Bansal, Chief Business Officer, SecurityScorecard. “We are proud to partner with Measured Analytics and Insurance to change how organizations, brokers, and carriers calculate and communicate cyber risk through a common operating picture of risk.”
Availability
This cyber insurance incentive is available now, offering organizations a direct path to both heightened security and financial benefits. For more information, visit:
https://securityscorecard.com/measured-insurance/
Resources
- To access a free Security Ratings report and determine your organization’s eligibility for the cyber insurance incentive program, explore our Instant Scorecard.
- Read the latest blog post from Andrew Correll, Director of Insurance Solutions at SecurityScorecard: 3 Benefits of an A Rating.
- Delve deeper into the synergy of cybersecurity ratings and risk reduction by reading our research developed in collaboration with Marsh McLennan.
About Measured Analytics and Insurance
At Measured Analytics and Insurance, we provide more than cyber insurance, we light the path to confidence and security in cyber realms. We offer practical answers and innovative cyber insurance solutions for businesses seeking to manage enterprise cyber risks. Whether it’s cybercrime, business interruption, or other malicious activity perpetrated by bad actors, the threats and the financial costs are real and complex. Our aim is to make our customers fluent and confident in integrating financial risk mitigation and cyber risk management into enterprise risk management.
Partnered with leading global cybersecurity software companies, Measured first helps ensure our customers are technologically secure. Then, Measured provides cyber insurance to protect businesses and manage enterprise financial risk. With national security-grade threat intelligence in our DNA, our team monitors the threat environment and evaluates insureds’ risk exposure on an ongoing basis. We ask the right questions, leveraging our proprietary data and algorithmic intelligence. We then analyze and interpret, solving for optimal protection and value, based on our multi-decade experience in insurance underwriting, data analytics, and technology. Companies want confidence, quantified.
Diligence, quantified. Trust, quantified. That is Measured.
For more information, please visit: www.measuredinsurance.com
About SecurityScorecard
Funded by world-class investors, including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings, response, and resilience, with more than 12 million companies continuously rated.
Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.
SecurityScorecard makes the world safer by transforming how companies understand, improve and communicate cybersecurity risk to their boards, employees, and vendors. SecurityScorecard is listed as a free cyber tool and service by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to its trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
Media contact
Ashley Nakano
SecurityScorecard
[email protected]