Dynamic Loss Prevention. You may have heard us crowing about it at Corvus (pun intended) – but if you haven’t worked with us before it might not be obvious what the “DLP” is, and why we created it. Today I’m sharing some basic insight into this key component of our Smart Commercial Insurance products.
In short, Dynamic Loss Prevention is a way for policyholders with Corvus to better understand, manage, and reduce their risk.
There are a couple key components to consider. First, the heart of the matter: loss prevention. Let’s explore this in the context of cyber insurance. When a company is being quoted for a cyber insurance policy, a good deal of analysis of their current IT security must be conducted in order to provide optimal pricing and coverage options. At Corvus, that analysis is done through an automated scan. While the data we gather from the scan is immediately necessary for underwriting purposes, it’s far from the only way it can be useful.
The DLP Report breaks down the information into a single Corvus Smart Score (a weighted measure of overall security), Risk Exposures (ratings for each of the eight risk groups that comprise the Smart Score) and Recommendations (clear advice on opportunities to fix vulnerabilities, prioritized by potential impact on overall security). See the video below for a closer look.
No matter how actively an organization monitors and adapts their IT security, information from the scan can provide a useful perspective. Sometimes it reveals blind spots, where IT managers had overlooked a vulnerability. Sometimes a new issue has arisen since the last time there was a comprehensive check-up. Many organizations simply do not actively manage IT security, and the DLP provides a primer and direction for them to get started.
Whatever the case may be, the information can be put to use by the policyholder to proactively mitigate risk. Looking at the exposure groups gives a broad sense of where trouble spots are, and Recommendations are intended to be actionable. If steps are taken to improve, not only will the policyholder mitigate their risk of a claim, they may see improved pricing or coverage options when it is time to renew.
Why is is the DLP “dynamic”? Simple: it’s not a one-and-done report. We deliver DLP reports to policyholders throughout the policy period, and upon renewal. These reports can show a developing trend (good or bad) in IT security. If it’s a negative trend, the policyholder can nip it in the bud before it becomes a major issue. These days, with more and more data being stored in web-accessible (cloud) infrastructure and companies expanding their digital capabilities, the “dynamic” aspect of the DLP is critical.
See our video to take a look at a DLP Report up close, and click to get more info about how we map Risk Exposures to IT vulnerabilities.