A look at the Fortinet-CIS collaboration & how it will change cyber risk management in A/NZ
Fortinet and Australian Insurtech company Cyber Indemnity Solutions (CIS) are collaborating on a security assessment program that will analyse weaknesses in organisations’ security postures.
The two companies will launch the program across A/NZ, but also have plans to expand it throughout the Asia Pacific region in the near future.
Speaking to SecurityBrief, CIS CEO Greg Hodgkiss says that the collaboration introduces key differentiators in risk management.
The risk assessment includes several technologies including technology, user behaviour, best practice protocols and insurance cover.
“Businesses face an ever-increasing range of complex and evolving cyber-security threats yet most businesses lack the budget or expertise to deal with these threats effectively. The most significant damage to any business is the permanent loss of critical business data, which can be a result of an attack, employee maliciousness, or simply human error,” Hodgkiss adds.
CIS will integrate Fortinet’s Security Fabric, including FortiGate enterprise firewall and FortiAnalyzer central logging.
Fortinet’s senior director of Australia, New Zealand and South Pacific Islands Jon McGettigan says that initial rollout through A/NZ first is because both firms have major investment and resources in the area.
He also says Australia’s upcoming data breach notification laws will drive demand for cyber insurance.
“Over the next several months, we will monitor the market response to Fortinet and CIS’s joint offering. If it meets our targets, we will extend the collaboration to more markets in the Asia Pacific region.”
McGettigan explains that channel partners have much to gain from the collaboration.
“The opportunity for the channel is to have a different conversation at a high level in the organisation - cyber insurance needs to be flexible and bespoke to each customer. Creating a robust cyber security posture helps each organisation in being aware of the importance of protecting their critical data, and creates opportunity for the channel to add value through implementation and services to create that solution,” he says.
CIS is also part of ‘Crimson Risk’, an association of cybersecurity companies that provide additional risk assessment, monitoring and consulting services. The new partnership with Fortinet will expand the Security Fabric to include Crimson Risk clients.
Hodgkiss says that the aim is to provide holistic risk assessments that cover all aspects of business risk.
“It takes the form of a comprehensive questionnaire looking at IT, governance and compliance, human capital and third parties, and existing insurance coverage. The assessment report will provide the customer with recommended remediation and mitigation actions including insurance to indemnify them against data loss an additional layer of protection against cyber threats.”
According to Hodgkiss, organisations are reluctant to purchase standard cyber insurance policies because they don’t yet reflect all business risk or cover full data loss.
He says the company has developed a broad coverage and higher indemnity cover for a client’s critical electronic data assets.
“Ongoing threat monitoring, sophisticated artificial intelligence platforms and constant review of the business changes will continue to provide a high level of protection for the business,” he adds.
“Protecting a business against losses associated with cyber risk makes good financial sense and should be a key component of the cyber risk mitigation strategy. To support the risk assessment service, we can now also uniquely offer high indemnity, broad coverage, insurance to compensate data owners for the cost or profit impact of a cyber-attack, or if critical data is permanently lost,” Hodgkiss concludes.