SecurityScorecard and Measured Analytics and Insurance strengthen proactive cybersecurity strategies
SecurityScorecard announced an alliance with Measured Analytics and Insurance, the AI-powered cyber insurance provider. The initiative delivers a cyber insurance premium incentive (e.g., discounts) for Security Ratings.
“Together with SecurityScorecard, Measured is reimagining how organizations manage cybersecurity as a business risk,” said Jack Vines, CEO, Measured Insurance. “The dynamic threat landscape requires real-time risk assessment, best-in-class cybersecurity tools seamlessly integrated with comprehensive cyber insurance. SecurityScorecard sees what a threat actor sees, which allows us to deliver more accurate and responsive cyber insurance coverage and rates.”
Measured Insurance harnesses the power of proprietary AI data analytics and national security-grade threat intelligence to deliver a new generation of cyber insurance. The alliance between SecurityScorecard and Measured Insurance equips organizations with data-driven cyber risk insights to validate their defenses, prioritize investments, and strengthen proactive cybersecurity strategies.
Transparency in cyber insurance pricing
The cyber insurance landscape experienced a pivotal shift in 2022, with a 28% surge in cyber insurance premiums during Q4, as reported by Marsh, a leading cyber insurance broker. This surge in premiums reflects the escalating financial repercussions of cyber incidents, exemplified by a staggering $40 million payout for a single ransomware attack. These trends underscore the urgency for robust cyber risk management strategies.
Measured and SecurityScorecard enable organizations to effectively incorporate cyber insurance into their risk management strategy, even as insurance costs remain uncertain. This approach will also enable the procurement of cyber insurance as part of a broader program of corporate investment and enterprise risk management. Security Ratings are transparent and actionable, meaning organizations can clearly understand what they need to do to qualify for the premium incentives.
Backed by data: How SecurityScorecard predicts breaches
In the financial world, credit ratings serve as vital risk estimation tools. Inspired by this, the Marsh McLennan Global Cyber Risk Analytics Center and SecurityScorecard studied Security Ratings alongside cyber claims data. This research study identified seven factors predictive of breaches:
- Endpoint security: Tracks identification points that are extracted from metadata related to the operating system, web browser, and related active plugins.
- Patching cadence: Analyzes how quickly an organization installs security updates to measure vulnerability risk mitigation practices.
- Ransomware score: Measures how susceptible the organization is to a ransomware attack.
- Network security: Checks public datasets for evidence of high-risk or insecure open ports within the organization network.
- DNS health: Measures the health and configuration of an organization’s DNS setting. It validates that no malicious events occurred in the passive DNS history of the organization’s network.
- IP reputation: Makes use of the SecurityScorecard sinkhole infrastructure as well as a blend of OSINT malware feeds and third-party threat intelligence data-sharing partnerships.
- Cubit score: Measures a variety of security issues that an organization might have, e.g., checks public threat intelligence databases for IP addresses that have been flagged.
SecurityScorecard accurately models cyber risk so organizations can reduce risk while maximizing cyber insurance investments. SecurityScorecard continuously scans an organization’s attack surface. Then, it assigns a standardized score based on threat exposure and correlation to cyber incidents.
Benefits of the SecurityScorecard and Measured alliance include:
- Complimentary cyber risk assessment: SecurityScorecard identifies security gaps and factors that determine premium cost.
Action plan to mitigate threat exposure: A data-driven, comprehensive plan ensures customers have a roadmap to qualify for the cyber insurance premium incentive (e.g., discount). - Cybersecurity investment prioritization: SecurityScorecard pinpoints the most impactful security issues based on an organization’s unique attack surface to prioritize cybersecurity investments.
- Free cybersecurity ratings: SecurityScorecard is the only solution that offers free access to security ratings. Customers will always be able to monitor their threat exposure and premium incentive eligibility ahead of renewal and during the policy period.
With over 12 million organizations continuously rated, SecurityScorecard provides a concise, meaningful, and actionable cyber risk measurement. In fact, an extensive SecurityScorecard study found organizations with an A rating are 7.7x less likely to experience a breach.
“History shows that a cyber insurance policy alone is insufficient for mitigating threat exposure. Strong cybersecurity hygiene and cyber insurance must go hand in hand,” said Sachin Bansal, Chief Business Officer, SecurityScorecard. “We are proud to partner with Measured Analytics and Insurance to change how organizations, brokers, and carriers calculate and communicate cyber risk through a common operating picture of risk.”
This cyber insurance incentive is available now, offering organizations a direct path to both heightened security and financial benefits.