XL Catlin and cybersecurity specialist RedSeal have teamed up to create a tool to measure a network’s resilience against cyber risks.
According to a statement by the firms, the tool will help underwriters assess their client’s cyber exposures and help them improve their cybersecurity and benefit from better insurance terms.
While other cyber insurance risk analyses rely on surveys and a general understanding of the network at the time of the initial underwriting, the new approach is more in-depth, accurate and dynamic.
Using RedSeal’s patented network modelling and risk scoring platform, a network simulation will be created, including physical assets, as well as those in public and private cloud environments. Using this model, RedSeal will calculate the network’s digital resilience score, which is somewhat similar to a credit worthiness score.
The score reflects the following characteristics of the network:
More resilient networks have higher scores, meaning they are exposed to lower cyber risks. XL Catlin will use RedSeal’s tool to evaluate a client at the beginning and again in the middle of the term, when the insurer will determine whether the client’s resilience qualifies it for improved terms on their cyber insurance policy.
“We see this collaboration as a win-win for all involved,” said John Coletti, chief underwriting officer for cyber and technology at XL Catlin. “We’re giving our clients the option to create a cycle of continuous improvement in their cyber security efforts. Plus, our underwriters have more in-depth information to evaluate their risk and provide the most appropriate policy terms and pricing – and our customers can use the same information to improve their resilience and lower their risk.”
Ray Rothrock, chairman and CEO of RedSeal, added: “RedSeal’s platform of network modeling and scoring provides unique insights and hard to find issues within digital enterprises for both XL Catlin’s underwriters and their clients, which we expect will benefit both. We’re enabling a new, collaborative era in cyber insurance and cybersecurity.”