Cloud Cyber Insurance: Getting Good Lower Premiums For Good Practice

In our organisations, we typically have insurance for fire damage. We also typically have insurance for theft. But, what about cyber insurance? Do insurance companies actually understand cybersecurity threats and their likely costs? While there is some data around, the major problem is one of auditing a company for their security posture.

For your home, you will likely pay less for your insurance if you have fire alarms and intruder detectors. The insurance company will ask about these and reduce your premiums accordingly. But, what questions would an insurance company ask for cybersecurity?

With some companies, such as Travelex, going out of business after a serious cyber attack, it makes sense to have insurance in place. This, of course, should not be a replacement for good cybersecurity practice.

AWS is now offering cybersecurity insurance with its cloud offering, and provides customers with a quote within two days.

At the current time, companies looking for cybersecurity insurance have to complete many forms, but AWS aims to make things easier by sharing the cloud infrastructure information through the AWS Security Hub.

The Security Hub contains information about deviations from best practices and also aggregates security posture findings. This should allow insurance companies to assess the state of a company’s security practices. The fewer deviations from best practice, the lower the insurance premium. The findings are passed using a standardized data format.

In Figure 1, we see that the hub takes logs from Amazon GuardDuty (which monitors CloudTrail management events, AWS CloudTrail event logs, VPC flow logs, and DNS logs), AWS Health (shows any downtime of services), AWS Firewall Manager (shows alerts from the firewall) and AWS IAM Access Analyzer (shows issues related to identity management, such as those related to access rights).

Figure 1: AWS Security Hub

Overall, the need for auditing or providing cybersecurity information will thus be minimised.
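
The following Python is an added example, not code from this article or from AWS: it rolls a set of Security Hub findings up into the kind of posture summary an assessor could read. It assumes the standardized format is the AWS Security Finding Format (ASFF); the sample findings are constructed, and `is_open` and `summarise` are hypothetical helper names.

```python
import json
from collections import Counter

# Constructed sample: real ASFF field names, abridged to the fields read
# below. Ids, titles and values are invented for illustration.
SAMPLE_FINDINGS = json.loads("""[
 {"Id":"f1","ProductName":"Security Hub","Title":"S3 bucket allows public read",
  "Severity":{"Label":"CRITICAL"},"Compliance":{"Status":"FAILED"},
  "Workflow":{"Status":"NEW"},"RecordState":"ACTIVE"},
 {"Id":"f2","ProductName":"Security Hub","Title":"Root account has MFA",
  "Severity":{"Label":"INFORMATIONAL"},"Compliance":{"Status":"PASSED"},
  "Workflow":{"Status":"RESOLVED"},"RecordState":"ACTIVE"},
 {"Id":"f3","ProductName":"Security Hub","Title":"VPC flow logs disabled",
  "Severity":{"Label":"MEDIUM"},"Compliance":{"Status":"FAILED"},
  "Workflow":{"Status":"SUPPRESSED"},"RecordState":"ACTIVE"},
 {"Id":"f4","ProductName":"GuardDuty","Title":"Unusual API call pattern",
  "Severity":{"Label":"HIGH"},"Workflow":{"Status":"NEW"},"RecordState":"ACTIVE"},
 {"Id":"f5","ProductName":"IAM Access Analyzer","Title":"Role shared externally",
  "Severity":{"Label":"LOW"},"Workflow":{"Status":"NOTIFIED"},"RecordState":"ACTIVE"},
 {"Id":"f6","ProductName":"Security Hub","Title":"Old finding, resource deleted",
  "Severity":{"Label":"HIGH"},"Compliance":{"Status":"FAILED"},
  "Workflow":{"Status":"NEW"},"RecordState":"ARCHIVED"}
]""")

def is_open(f):
    """Active and still awaiting action (not RESOLVED or SUPPRESSED)."""
    return (f.get("RecordState") == "ACTIVE"
            and f.get("Workflow", {}).get("Status") in ("NEW", "NOTIFIED"))

def summarise(findings):
    """Roll findings up into the posture figures an assessor would read."""
    active = [f for f in findings if f.get("RecordState") == "ACTIVE"]
    checks = [f["Compliance"].get("Status") for f in active if "Compliance" in f]
    # Deviations: open findings that are not a passing control check, so
    # threat detections without a Compliance block are counted too.
    open_dev = [f for f in active if is_open(f)
                and f.get("Compliance", {}).get("Status") != "PASSED"]
    return {
        "controls_checked": len(checks),
        "controls_passed": checks.count("PASSED"),
        "open_by_severity": dict(Counter(f["Severity"]["Label"] for f in open_dev)),
        "open_by_product": dict(Counter(f["ProductName"] for f in open_dev)),
        "suppressed": sum(f.get("Workflow", {}).get("Status") == "SUPPRESSED" for f in active),
    }

if __name__ == "__main__":
    print(json.dumps(summarise(SAMPLE_FINDINGS), indent=2))
```

Suppressed findings are reported separately because a failed control that has been suppressed still fails, even though it no longer appears among the open deviations.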

Conclusions

The usage of the hub looks like a great idea, especially as AWS will define best practices that companies follow, and deviation will see premiums increase. This will force companies — hopefully — to move closer to best practices. The sharing of security findings, too, provides a way for insurance companies to see where the risky areas are.

Want to learn more? Try here:

https://asecuritysite.com/aws