MSSP, MSP, Cybersecurity insurance, Compliance Management, AI benefits/risks, Identity, MDR

Sophos, Spektrum Labs Want to Supply the Verifiable Proof that Cyber Insurers Demand

Cyber insurance is evolving just as the myriad threats facing organizations evolve. One area where change can be seen is in what insurers are demanding of companies before making their decisions on coverage.

Executives with security vendor CyberArk highlighted in an ebook they introduced this year that “Cyber insurance underwriters no longer accept checkbox compliance as proof of resilience. As identity-based attacks accelerate, insurers are asking a harder question: can you prove that security controls work continuously across every human, machine, and AI identity?”

Noma Security CISO Diana Kelley told MSSP Alert the same thing earlier this year, noting that insurers are shifting from accepting self-attestation to demanding evidence-based underwriting. Insurers expect security controls like multifactor authentication, comprehensive and tested backups, and vulnerability management tools to not only be described, but proven.

In response, security vendors are rolling out programs and tools that allow organizations and MSSPs to supply that proof and verification. One example comes from Cork Cyber, which last month unveiled a new capability for its Vantage platform that pulls in internal insights and external risk scoring to let organizations, MSSPs, and MSPs better understand corporate security environments and improvements that need to be made.

One benefit is providing clear data that organizations can present to a cyber insurance industry that is “moving away from theoretical risk based on questionnaires and toward real exposure based on evidence,” Cork Cyber CEO Dan Candee told MSSP Alert at the time.

Continuous Resilience Validation

This week, cybersecurity vendor Sophos and Spektrum Labs, whose AI-powered Fusion Platform provides continuous cyber resilience validation, announced a partnership to strengthen companies' security environments.

Organizations can now not only deploy Sophos’ managed detection and response (MDR) technology to help prevent attacks, but also give insurers measurable and verifiable proof that their controls are in place, properly configured, and working as expected. This is important for insurers to see, according to Jessica Newman, global general manager of cyber insurance at Sophos.

“Everyone claims they have the right cyber controls in place, but can they prove it?” Newman emphasized MSSP Alert. “In the event of a claim, can they be sure that their claim will be paid? Insurance is supposed to work when we need it most; this program guarantees that it will.”

Connecting Security Data, Insurance Process

Sophos has a global MDR customer base, but the Spektrum partnership now gives organizations a way to connect operational security data directly to the insurance process, creating a “more transparent and near-real-time way to verify resilience, which benefits brokers, carriers, and customers alike,” she said.

With Spektrum’s platform and Sophos’s Central Console, organizations can prove their security program’s resilience via Spektrum’s Cyber Resilience Tokens that can provide underwriters with the verification information they need to create a cyber insurance policy, according to the companies.

J.J. Thompson, founder and CEO of Spektrum Labs, said in a statement that the partnership with Sophos “establishes a new standard: provable MDR effectiveness, automated resilience, and direct insurance benefits. It aligns cybersecurity, cyber resilience, and cyber insurance into one continuous system.”

Partnership a Win for MSSPs, MSPs

MSSPs and MSPs will benefit from the partnership, Sophos’ Newman said. They “are increasingly on the hook not just for delivering cybersecurity technologies, but for demonstrating outcomes and helping clients qualify for cyber insurance, a requirement that is quickly becoming part of their value proposition.”

It will also allow them to offer differentiated servers that will offer clients accelerated access to cyber insurance through the packaging of MDR with validated proof of resilience. In addition, MSSPs and MSPs will be able to show measurable benefits their security services deliver and will be able to take advantage of the growing revenue stream from insurance-related services.

They will be able to remove a lot of the burden that now falls on organizations to prove they qualify for cyber insurance. This comes at a time when the cyber insurance market is expected to grow from $33 billion this year to $223.47 billion by 2034.

Expect More of This

This is the future for the cyber insurance business, Newman said.

“The cyber insurance market is moving toward data-driven underwriting and continuous validation of controls,” she said. “Static forms and annual check-ins aren’t enough in today’s threat landscape. Insurers want measurable, real-time confidence in risk posture. This partnership supports that shift by providing trusted proof of resilience, helping insurers price risk more accurately and giving organizations a clearer path to coverage as underwriting standards continue to mature.”  

She added that “carriers are aware that MDR is a highly impactful security control that has strong potential to reduce the loss ratio on an entire portfolio of risks.  They are hungry for MDR telemetry data on their customers so they can more effectively price and select risk. ... The ‘green light’ token that Spektrum sends to Sophos’ carrier panel is quick, digestible data that does that first pass of underwriting qualification for them, verifying and validating that MDR is in place and configured appropriately.”

Jeffrey Burt

Jeffrey Burt has been a journalist for almost 40 years, moving from general-circulation newspapers to IT news sites in 2000. He’s an expert analyst and writer on cybersecurity, data center infrastructure, AI, and a host of other subjects for a range of organizations, including CyberRisk Alliance, eWEEK, Techstrong Group, The Next Platform, and The Register.

You can skip this ad in 5 seconds