A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Optiv's Cyber Insurability Services Improving Cyber Insurance Lifecycle Outcomes for All Involved Talk to an Expert Industry Overview Insurability Controls The Who and What of Cyber Insurance Optiv Approach Outcomes Contact Us Navigate Cyber Insurance With Optiv Cyber insurance, once a nice-to-have, is now a non-negotiable for the modern business. But the cybersecurity insurance industry has reached a tipping point – innovate or fail. Carriers, brokers and insureds are struggling to navigate an unpredictable cyber landscape with so many new vulnerabilities and threat actors appearing on the scene daily. Without changes, the industry may not be sustainable at the time it’s needed most. Optiv launched our Cyber Insurability Services to help clients attain the ideal policy for their business. Creating a sustainable cybersecurity insurance process requires the right combination of expertise, planning, tools and resources. A technology-agnostic cybersecurity advisory partner, Optiv helps those seeking cyber coverage connect the dots between security and enterprise risk management. From 2011 to 2020, cyber insurance purchasing rose from 35% to nearly 80%. Advisen Information Security and Cyber-Risk Management Survey, 2020 Cyber Insurability Navigator Service Brief Optiv’s Top 10 Cyber Insurability Controls Optiv’s cyber experts have carefully compiled a list of essential security controls for insureds as they set out on their cyber insurance attainment or renewal process. Image Identity and Access Controls MFA, PAM, Managed Identity Image Data Privacy and Governance State/Federal Regulations, Compliance, Privacy-by-Design Image Data Security Cloud, Discovery, Encryption, Protection (DLP, CASB) Image Logging and Monitoring SIEM, WAF, SOAR, Email Image Vulnerability Management VM Programs, Patch Management, Remediation Image Detection and Response EDR, NDR, MDR, MXDR, Threat Hunting Image Business Resilience CRS, Backup, TPRM Image Incident Response Readiness Plans, Playbooks, Tabletops Image Cybersecurity Awareness Phishing, Education Image Network and OT Security SASE, Architecture, Management, Protocols Core Fundamentals Four key principles our insurance experts stress throughout each Cyber Insurability Services engagement: Help insureds achieve consistent cybersecurity maturity Premium increases, limit reductions, high deductibles and coverage restrictions alone aren’t the solution. Progress requires innovation, but carriers and brokers can’t do it alone. Long-term sustainability requires the majority of insureds purchasing cyber insurance to maintain a commonly accepted cybersecurity maturity baseline. Things like multi-factor authentication, incident response retainers and dedicated threat analysts are only becoming more commonplace. Optiv’s Cyber Insurability Services can provide all of this and more as a cyber advisory and solutions leader within security. Align underwriting and cybersecurity Underwriting cyber risk is hard. Cyber insurance carriers are adapting, but the traditional point-in-time approach isn’t effective in today’s threat landscape. Why? It lacks validation methods, meaningful monitoring and loss control during policy terms. Innovation will help close the gap between cybersecurity and cyber insurance, making the underwriting process more meaningful for the carrier, more predictable for the insured and more effective in controlling losses and minimizing claims. Close the cybersecurity advisory gap Cyber insurance is evolving rapidly from specialty to standard coverage. It looks more like a cybersecurity service than a traditional insurance product. Brokers are now required to become experts on technical insurance products, advise their clients on cyber risk management best practices and provide incident response support. The traditional insurance distribution model needs to incorporate independent cybersecurity support aligned with the insurance process. Follow best practices for cyber insurance and cybersecurity A murky legal and regulatory environment requires carriers, brokers and insureds to operate without the benefit of clear standards, laws and baseline cybersecurity requirements. With advancements in underwriting and better cybersecurity alignment, cyber insurance has the potential to encourage broad adoption of cybersecurity best practices and serve as a positive force to combat cybercrime. The Who and What of Cyber Insurance Organizations purchase cyber insurance policies to help manage the financial risk associated with cyber threats, including ransomware attacks. Who are the key players in cyber insurance? Carriers underwrite, rate and bind insurance coverage, and they’re responsible for paying claims and making coverage determinations. Brokers provide access to cyber insurance markets, review and submit applications to carriers, place insurance coverage and interact with their clients insureds throughout the cyber insurance lifecycle. Previous Next What does cyber insurance cover? Policies differ, but many standalone policies provide coverage that falls into one of five categories (listed below). Think of cyber insurance as a backstop behind cybersecurity controls. It’s most effective when it helps address residual cyber risk or cybersecurity gaps that an organization isn’t able to control. Previous Next What isn’t covered by cyber insurance? Cyber insurance coverage is evolving quickly. Most policies will not cover things like infrastructure failure, acts of war, improving systems and networks, the value of intellectual property, specified incidents or known incidents that occurred before the policy start date.1 1To avoid possible claim denials, organizations must carefully and honestly complete applications and address subjectivity requirements to avoid violating application warranty statements or policy conditions. Insureds – read your policy carefully and consult your broker or carrier for guidance. Previous Next What factors influence premium increases and coverage denials? Cyber insurance carriers are working hard to align underwriting with the evolving threat landscape. They pay close attention to common themes driving claims as well as new and emerging threats. As a result, underwriting requirements change, and insureds will want to be aware of common reasons for carrier denials. Learn more about Ransomware. Previous Next Optiv’s Security-Centric Approach to Cyber Insurance Organizations purchase cyber insurance policies to help manage cyber threats, including risks associated with ransomware attacks. Below, we’ve highlighted some best practices for all parties involved in the cyber insurance process using a security-focused perspective: Insureds Brokers Carriers Think like an underwriter by focusing on factors that influence insurability, loss control and claim prevention. Take control of the cyber insurance process by benchmarking cyber insurance readiness against common underwriting criteria. Manage cyber risk as an ongoing effort and build cyber insurance into your cybersecurity strategy. Monitor changes in your environment, attack surface and emerging threats during the policy term to avoid losses and prepare for renewals. Build and practice your cyber incident response plan and make sure it aligns with your cyber insurance policy. Engage a cybersecurity advisory partner capable of delivering lifecycle services from readiness through incident recovery. Embrace the role of trusted advisor by adopting tools, technologies and practices that bring the cyber insurance and cybersecurity processes closer together for insureds. Empower insureds with resources to (1) identify insurability gaps, and (2) monitor and alert on high-profile attacks, changes in attack surface and in-term loss control resources. Lean on your cyber advisory partner to deliver cybersecurity services and solutions without adding staff or resources. Don’t go it alone. Collaborate with your cyber advisory partner to translate tactical cybersecurity recommendations and underwriting subjectivities from carriers into long-term cybersecurity success for insureds. Collaborate with others in the cybersecurity industry to help communicate to insurance buyers the value and best use of cyber insurance. Cyber insurance can’t cover everything. Continue to integrate advanced technologies into the cyber insurance process to augment and validate the point-in-time underwriting information provided in applications. Use “hard market” realities to encourage adoption of strategic cybersecurity strategies. Encourage organizations of all sizes to establish strong cybersecurity foundations and provide access to resources that help them evolve in a changing threat landscape. Facilitate and support insureds’ incident response and ransomware readiness to help make ransomware payments the last resort. Align the renewal process, premiums and client retention with current client data and improvements made during the policy term. The Five Categories of Cybersecurity Insurance Coverage Third-Party Cyber Liability Network security and data privacy liability Media liability Regulatory proceedings, fines and penalties PCI-DSS fines and penalties First-Party Cyber Event Expenses Legal guidance Incident response/forensics Incident handling/containment Notification and credit monitoring Public relations and crisis communications Data and Network Restoration Expenses Data restoration Network restoration Software and computer program restoration Hardware replacement Business Interruption and Extra Expense Contingent business interruption such as outsourced IT, cloud or other service provider Income lost during time of cyber incident-triggered technology disruption Extra expenses to get up and running after cyber incident Income lost due to reputation damage Cyber Crime Ransom payments Electronic theft Social engineering Funds transfer fraud Telecom/utility theft Invoice manipulation Ransomware accounted for 32% of all incidents affecting small to medium enterprises. NetDiligence Cyber Claims Study, 2021 A Collaborative Approach Optiv services and support provide a vital bridge between cybersecurity and the cyber insurance process. This innovative connection enables all parties to work together to remediate risk and improve loss control. The innovation journey involves important milestones for insureds, including: Establish an acceptable insurability baseline and methodology for ongoing reviews. Maintain checkpoints to identify changes to baseline, mitigate emerging threats and implement loss control strategies. Collect and share information with your carrier and broker about improvements and successes to tell your cybersecurity story during the cyber insurance renewal process. Align incident response and incident recovery capabilities with cyber insurance requirements. As a result, outcomes improve: Fortify your environment and take control of your cyber insurance process. Improve cybersecurity maturity over time and protect your businesses with incident readiness, response and recovery services. Brokers participate more fully in the cyber insurance market. Support insureds more effectively and bring cybersecurity services to market quickly without added overhead. Carriers turn recommendations into adoption. Build and maintain a secure, responsive cyber insurance client base. Provide access to, and implementation of, cybersecurity controls, services and incident response support. Disclaimer: Optiv does not sell service cyber insurance policies or service policies to our clients. The information provided here is for informational purposes only. Every cyber insurance policy is different. When in doubt, read your policy carefully with help from an industry professional such as an experienced cyber insurance broker who is well versed in this new and evolving coverage. Talk to an Optiv Cyber Insurance Expert