Leaders of enterprises and large organizations are increasingly turning to cyber insurance to mitigate their cyber risk exposure. But their large networks are complex and dynamic. It can be challenging for cyber insurance underwriters to determine how to measure, score, and price that cyber risk.
While there are products that assess external threats to a network as the policy is issued, what’s been missing from cyber risk assessments is the network, itself. How well is it put together? Does it follow industry best practices in network security? Can unauthorized users reach critical information? Are the near-constant changes networks go through analyzed for risk? Does the organization even know about and manage all parts of its network?
Underwriters haven’t had comprehensive technology to help them look deeper to analyze and measure their clients’ networks and cyber risk, much less a cyber risk score for insurance underwriting. And they haven’t had the information to help their clients improve those networks.