On the occasion of the Black Hat USA conference in Las Vegas, we’re sharing two updates from Corvus relating to the ever-expanding intersection of cybersecurity and cyber insurance.
SMEs and Cyber Insurance
This month we partnered with Blackberry on a survey to learn more about how small and medium enterprises view cyber insurance and solutions like endpoint detection and response (EDR).
Our Biggest Takeaways From the Blackberry Partnership:
SMEs still have a long way to go in getting properly insured for cyberattacks.
The survey found that only 55 percent of respondents currently have cyber insurance, while 28 percent intend to acquire coverage shortly. Of those with insurance, over one-third (37 percent) aren’t covered for ransomware payments — a clear indication of being under-insured, given that ransomware has been trending “down market” to smaller entities over time.
Insurance buyers now expect risk services as part of the offering.
It’s unusual to get valuable services as part of a commercial insurance policy, so in the past Corvus had to work to inform policyholders about our unique offerings. The survey finds that now the strength of an insurer's risk mitigation services is one of the buyer’s top considerations. It found that many businesses are craving an increased consultative process with insurers so they are assured coverage will fit their needs.
Confirmed: buyers see data sharing as a path to better insights.
Since Corvus is building our Smart Cyber Partnerships™, we were keen to know how businesses feel about the prospect of gaining insights about their security posture through shared data. We were glad to see that the survey found businesses are increasingly willing to treat insurance carriers as partners. Almost two-thirds (64 percent) were either very or extremely willing to have insights on security hygiene passed directly from software provider to insurance carrier. Slightly less (61 percent) expressed the same comfort level in providing insurance carriers with access to internal security posture to allow for dynamic coverage updates.
More good news for Corvus policyholders: another provider has joined our group of Smart Cyber Partnerships™: Lacework!
Lacework is the data-driven security company for the cloud. Lacework Polygraph® Data Platform organizations can detect and prevent threats, continuously monitor vulnerabilities to prioritize risks, and achieve compliance across multi-cloud environments.
With a free 30-day trial from Lacework, Corvus policyholders could see:
50% reduction in security spend
1.4 critical alerts per day
400% improvement in security issue resolution
80% less investigation time
2x increased productivity
Why are partnerships between security providers and insurers important? Ask Michael Musselman, Sr. Director of Technology & Strategic Alliances at Lacework:
“Cyber threats continue to grow exponentially in cost and impact to businesses around the globe. No single solution can tackle cyber risk. It truly takes an ecosystem of experts to combat bad actors in the cyber world. We at Lacework share this belief with Corvus Insurance and are very excited to join Corvus Insurance’s Smart Cyber Partnerships™ to bring cyber risk prevention and mitigation to their policyholders. We have an amazing ecosystem of our own and invite Corvus policyholders to test drive our data-driven approach to cloud security."
Corvus policyholders can access this offering from Lacework by logging into their Policyholder Dashboard and viewing the Vendor Marketplace. Other Corvus Smart Cyber Partners™ with offerings currently available for Corvus policyholders include leading providers in Cloud Security and Managed Detection and Response: Orca Security, Ermetic, ClearVector, and Expel.