Improving your security should improve your coverage.
Context:
This company in the automotive industry came to Resilience looking for an adequate cyber insurance policy. Initially, they did not plan to implement a new set of security tools, employed a small IT staff who only dedicated around 20% of their time to security, and did not budget for a larger investment in their cybersecurity. Purchasing and utilizing security tools would mark a massive change in behavior for the company.
Problem:
After reviewing their security controls, the client initially was only eligible for a $100K sub-limit with a $170k premium. Resilience’s unified approach to assessing and managing risk allowed them to improve their coverage by investing in and improving the exact areas of their cybersecurity posture that would enable us to eliminate the sub-limit and improve their insurance terms overall.
Solution:
The client worked with us to review their internal and external cyberinfrastructure and build an actionable cyber hygiene plan based on Resilience’s advanced cybersecurity visibility. Our security team helped them implement multi-factor authentication across all devices and established controls around “end of life” systems, while proactively triaging emerging threats, vulnerabilities, open exposures, and notifications to keep alerts precise and accurate for the client. We onboarded the entire team to ensure enterprise-wide education on the new protocols and introduced them to a community of industry experts to provide help and support.
Result:
Resilience increased its $100k ransomware sub-limit to $5M in coverage mid term, due to the improved security posture of the company. That’s 50X the coverage for the same premium, just for improving their security controls. Rather than receiving a static policy due to their inadequate security posture, we were able to connect their insurance terms to an actionable cyber hygiene plan to improve their controls and, ultimately, their coverage. This company helped our team prove that improving your security should improve your coverage. Now, this organization is more than secure or insured; they’re cyber resilient.