The"industry-first offering"is designed to provide a "holistic" approach to cyberrisk management, according to a Monday news release by the partners, which also include global risk consulting firm Aon PLC and insurer Allianz Global Corporate & Specialty, or AGCS.
Businesses looking to buy the policy offered by Allianz will have to undergo an assessment of their cybersecurity posture from professionals at Aon, who will then recommend ways to improve their cybersecurity defenses, according to the news release. Interested customers will also be expected to use Cisco Systems Inc.'s Ransomware Defense product or qualified Apple Inc. products such as iPhones and iPads, which Allianz has determined offer a "superior level of security," the release said.
Clients that have "appropriate resiliency postures" may qualify for certain coverage "enhancements" such as lowered or waived deductibles, according to the release. Customers could also see the cost of purchasing certain security products applied against a deductible in the event of a claim, and will get access to Cisco and Aon's incident response teams in the wake of a malware attack, Emy Donovan, Allianz's cyber head, said in a video posted on Cisco's website that explains the new partnership and insurance offering.
According to experts, the incentives tied to the new insurance product could encourage companies that have previously spurned cyber policies due to high deductibles or premiums to sign up for the coverage. Depending on a company's size, annual premiums can easily exceed $10,000, and many policies have deductibles of $100,000 or more for data breach response and other costs.
Matt Cullina, the CEO of information security provider CyberScout, characterized the incentives as a "cyber carrot" to encourage businesses to improve their overall data security safeguards.
"Deductibles are very significant in cyber — it's not like your auto policy where you have a deductible of $500," Cullina said. "They can be in the tens of thousands, hundreds of thousands of dollars, or even millions, particularly around incident response, where you are most frequently seeing claims."
Cullina said that, while awareness of cybervulnerabilities has increased in recent years with the proliferation of high-profile, multimillion-dollar data breaches, some businesses still hold a "not in my backyard" attitude.
"Even though [businesses] may have done a ton of investment in data security or training, there is still that false sense of security, so getting them to take action through incentives is the only way to move the needle," he said. "This looks like the right piece of leverage to get businesses to take action without doing much extra."
Joshua Gold, co-chair of Anderson Kill PC's cyberinsurance recovery group, said the new insurance product's incentives could complement stringent cybersecurity regulations to galvanize businesses to shore up their protections.
To read the full story: Apple, Cisco Venture Could Fuel Cyberinsurance Market Surge