The pros of proactive cyber risk protection

The pros of proactive cyber risk protection | Insurance Business America

The pros of proactive cyber risk protection

A survey by international law firm Pillsbury Winthrop Shaw Pittman found that just 51% of corporate board members, C-level executives, and in-house counsels have dedicated cyber insurance, while only 47% have a corporate policy in place for responding to ransomware attacks. Moreover, the survey also found that only one out of six have a dedicated in-house cybersecurity response team.

It is evident that more needs to be done about cybersecurity, but as hackers and other threat actors become more creative with their cyberattacks, so must companies be more active in protecting their assets from breaches.

Last month, Toronto-based global cyber insurance specialist BOXX Insurance acquired the cyber threat intelligence platform Templarbit – a company whose technology enables companies to learn if their network has vulnerabilities that hackers can exploit.

Insurance Business spoke with BOXX Insurance co-founder and CEO Vishal Kundi (pictured) to learn more about the acquisition, and why the company believes so much in taking a proactive stance in protecting cyber assets.

Can you tell us about BOXX Insurance and what it does?

BOXX is a specialist cyber insurance and protection company helping individuals, families and small businesses become cyber resilient and digitally confident.

Our mission is to make the world a digitally safer place - BOXX focuses on helping small and medium sized businesses as well as individuals and families, stay ahead of digital threats.

BOXX is HQ-ed in Toronto, with offices and presence also in the US, Switzerland, the Middle East and India. In Canada and USA, we operate as an MGA and partner with brokers to provide our flagship all-in-one cyber insurance and protection products: Cyberboxx Business Edition and Cyberboxx Home Edition. Across the world, we license our technology and services to insurers and large banks and retailers on a private label basis.

BOXX has strong strategic partnerships with the most respected underwriters in the world including HISCOX, Zurich, Munich Re and others.

We partner with government bodies and regulators, supporting initiatives to drive home the importance of digital safety – this year we launched our partnership with the Cyber Security Authority of Singapore as part of the Singapore government’s Cyber Safe program.

What sets BOXX apart from other managing general agents operating in the cyber insurance space?

We have a unique combination of security technologies and insurance products which allow us to educate, anticipate and prevent cyber incidents in addition to helping clients respond to cyber-attacks. 

BOXX is focused on a prevention-first approach to business, helping small to medium-sized enterprises respond to cyber threats but also stay ahead of them by leveraging smart technologies that reduce risks and prevent claims in the first place. Being better prepared also helps clients respond to, and recover from, cyber incidents faster and better. 

We recognized that turning prevention strategy into action can be difficult for smaller businesses that don’t have the resources, so we take care of the product selection and implementation with the services provided by our BOXX Hackbusters.

Toronto-based BOXX Insurance recently acquired the California-based Templarbit. What was the decision-making process behind the deal?

The flip side of having digitally savvy small businesses and an increased reliance on remote work is that malicious actors get more opportunities to strike. The range of potentially vulnerable enterprise assets is dynamically swelling and as a result, companies big and small are sailing into the perfect storm of cybercrime. Cyber criminals particularly see smaller businesses as easy slow-moving targets. Ransomware raids, data breaches, supply chain attacks, and phishing scams have skyrocketed over the past two years and aren’t going anywhere anytime soon.

According to our research at least half of all reported cyberattacks on organizations originated from an unknown or crudely managed asset. To emerge unscathed, businesses need to know what components of their digital postures are the most enticing when put through the lens of an attacker’s mindset. Such visibility is key. 

Whilst relatively young, Templarbit has built state-of-the-art technology that alerts companies when their platform identifies vulnerabilities in their network that hackers can exploit. The platform autonomously discovers, classifies and analyzes an organization's entire landscape of digital assets, the unique risk profile for each digital asset and the real business costs that would be incurred if a digital asset was compromised.

Building Templarbit capabilities into our offering will further strengthen and enhance these capabilities to meet the needs of our target customer segment.

What will this deal mean for BOXX’s clients and partners?

BOXX’s purchase of Templarbit shows how strategically important we believe proactive cyber risk protection is to the continued growth of our business.

We can now provide enhanced levels of insight for customers and partners to better understand their vulnerabilities and provide focus and directed support on how to address risk mitigation to better predict and prevent cyber risks from happening. 

In providing an enhanced level of support and protection we help our customers predict, prevent, respond to, and recover from, cyber incidents faster and better. 

The data we produce through this approach helps ensure we continue to improve and refine our risk assessment and pricing models and ultimately ensure we can help our brokers and clients optimize their cyber insurance spend.  Anecdotally, we have seen that premiums can more than quadruple between a company that has good cyber security and one that doesn’t. 

How does Templarbit's expertise help clients from different regions?

Much of the world’s cyber security dollars are directed at hardening the security posture of larger enterprises and critical infrastructure. What’s proving more difficult, even in the most advanced economies, is how to protect the world’s largest business segment – small to medium-sized businesses. Despite growing cybersecurity awareness and knowledge, there is still a gap here. 

The encouraging news is that cyber threats are similar in nature across the world – unlike property risks it’s not your postal address that matters but your IP address. Platforms like Templarbit’s make it easier for digitally connected SMEs across the world to stay ahead of threats. This not only helps protect them but also the broader ecosystems and communities in which they operate.