RapidFire Tools, a unit of Kaseya, today launched a process automation tool designed to make it simpler whether organizations are complying with the terms of their cyber insurance policy.
Designed to be delivered as a managed service, Audit Guru for Cyberinsurance extends the portfolio of compliance tools that RapidFire Tools makes available for managed service providers (MSPs) into one of the fastest growing sectors of the insurance industry. Faced with increased cybersecurity threats to their business, more businesses than ever are investing in cybersecurity insurance that promise to compensate businesses for any potential losses.
Like most insurance policies, however, the level of compensation that might be provided depends on the ability of the policyholder to demonstrate that cybersecurity rules were being enforced at the time of the breach, says Michael Mittel, president and general manager of RapidFire Tools.
“Insurers are going to want to know what happened as a condition of underwriting,” says Mittel.
Audit Guru for Cyberinsurance provides a tool that enables MSPs to document on behalf of their customers that cybersecurity rules were indeed being enforced, adds Mittel. It combines automated data collection with a validation engine to verify and document compliance with cyber insurance requirements. Audit Guru also regularly scans the environment to identify any changes that should be remediated, reducing the risk of denial of claims in the event of an incident, says Mittel.
Many organizations assume their existing business insurance cover cybersecurity incidents. The truth is, however, a denial of service attack that, for example, takes the Web site an organization relies on to generate revenue offline is typically not covered. But even an organization does have a cybersecurity policy, it’s often up to them to prove to the insurer that all the cybersecurity rules that policy required were in effect. Otherwise, the insurance firm will launch its own investigation, which might result in other a claim being delayed or not paid out at all.
Proving a managed service to ensure that doesn’t happen is, of course, a natural extension of services most MSPs already provide. The biggest challenge may not be providing a service to ensure compliance with cyber insurance policies, but rather educating customers about the need to make sure those claims are paid. In fact, savvy MSPs would be wise to make sure they have their own cyber insurance policy at a time when many of them are being increasingly targeted by cybercriminals.