Data Security, Platform Security, Software Security

Safe Security Launches First Cybersecurity MGA to Underwrite Cyber Insurance Based on Continuous “Inside-Out” Cyber Risk Telemetry

Safe Security Launches First Cybersecurity MGA to Underwrite
Safe Security Inc., global leader in cyber risk quantification and management (CRQM), today launched SafeInside Insurance, the first cybersecurity Managing General Agent (MGA) leveraging API-based cyber risk telemetry and quantified insights to underwrite cyber insurance.

Backed by an AM Best “A-rated” carrier and panel of prominent, global reinsurance partners, SafeInside is introducing dynamic insurance policies for companies hosted in one or a combination of the leading public cloud service providers and leading SaaS solutions. For example, Amazon Web Services, Microsoft Azure and Microsoft Office 365, Google Cloud Platform and Google Workspace, Salesforce, and Zoom.

“Safe Security is thrilled to become the world’s first MGA for cyber insurance using actual cyber telemetry for underwriting. Our vision is to establish a new, de-facto industry standard for how cyber insurance is underwritten, and to provide more transparency between the investment in cybersecurity and cyber insurance. “We are paving the way for a sustainable, profitable cyber insurance ecosystem based on trust and certainty for all stakeholders. Safe Security looks forward to helping insurance buyers get the right cyber insurance policy at the right price for their organization’s specific requirements, as well as assisting brokers and underwriters make more informed decisions and dynamically adjust their portfolios.”

Saket Modi, co-founder and CEO, Safe Security

The underwriting process through SafeInside takes less than 20 minutes to assess an organization. All insureds also receive access to the SAFE CRQM platform, winner of the 2022 CISO Choice Award for Risk Management, which simultaneously accumulates signals using APIs from existing cybersecurity products, external threat intelligence, and business context to provide unprecedented visibility into possible areas of cyber exposure, and the exact financial risk associated with those cyber exposures.

With an objective of improving underwriting standards across the industry, Safe Security will also provide access to its cyber risk quantification platform to other carriers and reinsurers. Safe Security recently announced a partnership with Mosaic Insurance to offer real-time cyber risk evaluation.

“Safe Security’s inside-out approach is differentiated from existing market offerings by focusing on the most common techniques used by attackers and examining how attackers think and behave, not how internal IT teams think they behave,” added Steven Schwartz, VP of Insurance Strategy and Underwriting, Safe Security. “This approach removes subjectivity, allowing companies to answer questions about their security controls with precision instead of guess work, at all times. We are working with the entire insurance ecosystem to improve the standards of cyber underwriting.”

About Safe Security
Safe Security Inc. is a leader in cyber risk quantification and management (CRQM), with a mission to build a safer digital future. Safe Security’s CRQM platform – SAFE – enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Spotlight

Spotlight

Related News

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More

Cloud Security

Palo Alto Networks Announces Intent to Acquire Cloud Security Start-up Dig Security

PR Newswire | November 01, 2023

Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced that it has entered into a definitive agreement to acquire cloud security start-up Dig Security, an innovative provider of Data Security Posture Management (DSPM). Today, almost 70% of organizations already have data stored in the public cloud1. With increased interest and adoption of generative AI, sensitive data is often even more spread out across cloud services, including distributed databases, vector databases, PaaS services, and more. Organizations need help identifying sensitive data, effectively managing user access, and implementing robust security measures to protect against internal and external threats. Simultaneously, the relentless surge in the volume and impact of cloud data breaches persists2, causing significant damage to enterprises. This underscores the critical role that DSPM will play within a comprehensive cloud security strategy. Dig's DSPM solution enables organizations to discover, classify, monitor, and protect sensitive data across all cloud data stores, which will give Palo Alto Networks' customers visibility into and control of their multi-cloud data estate. After the close of the proposed acquisition, Dig's capabilities will be seamlessly integrated into the Prisma® Cloud platform to provide near real-time data protection from code to cloud. Dig was founded by entrepreneurs Dan Benjamin, Ido Azran, and Gad Akuka. They will continue leading their teams in joining the Prisma Cloud team at Palo Alto Networks after closing. Lee Klarich, Chief Product Officer for Palo Alto Networks: "As companies build AI-enabled applications, there will be a substantial increase in the amount of data transferred to the cloud. Dig's highly innovative DSPM technology helps safely enable this shift, and its dedicated team will complement and help advance Palo Alto Networks' strengths across cloud security. The announcement of our intent to join forces with Dig reinforces our longstanding commitment to our team in Israel and to continue growing our footprint with its talented and dedicated cybersecurity professionals." Ankur Shah, SVP Products, Prisma Cloud for Palo Alto Networks: "Data protection was the top priority for cloud security cited in the 2023 The State of Cloud-Native Security Report. Upwards of 75% of respondents noted that the number of point tools they use creates blind spots. Dig lets security teams see and secure their data across multi-cloud environments. This visibility and security is becoming increasingly important in the age of generative AI. Dig's innovation, coupled with Prisma Cloud's leading code-to-cloud intelligence highlighted in the recent Darwin release, will create what CISOs need to drive complete cloud security and data protection with a single, integrated, cloud-native platform." Dan Benjamin, Co-Founder & CEO, Dig Security: "Modern cloud applications leverage a broad set of data stores to meet the complex needs of businesses. We developed an award-winning DSPM solution to alleviate this strain by providing a centralized offering to monitor and manage the security of these cloud data stores. Integrating Dig's technology with Prisma Cloud will enable customers to effectively manage the security of their diverse data stores in modern cloud applications and reduce the risk of data breaches. My co-founders and I look forward to continuing our innovation journey with Palo Alto Networks to make the world safer."

Read More

Network Threat Detection

Kyndryl Announces Strategic Global Alliance with Palo Alto Networks to Provide Industry Leading Network and Cybersecurity Services

PR Newswire | October 04, 2023

Kyndryl (NYSE: KD), the world's largest IT infrastructure services provider, today announced a strategic global alliance with Palo Alto Networks to provide end-to-end network and cybersecurity services, including the launch of a new service offering, powered by Prisma SD-WAN for enterprises and Industry 4.0 customers. The alliance brings together Palo Alto Networks industry-leading platform security capabilities with Kyndryl's advanced network security services expertise to design, build, manage, and modernize mission-critical networking for customers across industries. The companies are joining forces to capitalize on emerging opportunities in the SD-WAN infrastructure market that IDC estimates will grow at a compound annual growth rate of 10.1% through 2027. As the demands of enterprise mobility accelerate, enterprises are looking for greater operational agility to support their digital transformation. Businesses need to support the growing number of devices used to access the corporate network and cloud-based applications, while also meeting evolving security and compliance requirements. Kyndryl and Palo Alto Networks are partnering to help businesses deliver consistent security and an enhanced user experience for customers everywhere, and across industries such as services, manufacturing, energy, healthcare, and retail. Kyndryl's new SD-WAN offering, powered by Prisma SD-WAN, will enable customers to transform and modernize their networks and meet the growing bandwidth demands of the proliferation of devices and cloud traffic. The new approach to network connectivity will provide a single pane of glass management to their networks, and simplifies deployment to branch-offices and edge services. By helping customers transition into a flexible and scalable network, Kyndryl will be able to help enterprises build a roadmap and incorporate new security paradigms such as SASE with Kyndryl Consulting services. At Kyndryl, we are at the forefront of helping enterprises with their network transformation to meet the growing trends of remote work, multi-devices usage, and cloud and data access. As organizations move away from traditional hardware-centric models to OPEX consumption models, the need for agile, highly secure and reliable networks is imperative, said Stephen Leonard, SVP of Global Strategic Alliances, Kyndryl. We are delighted to partner with Palo Alto Networks to provide robust and versatile network security services that will provide many benefits to our customers. "Together with Kyndryl, we are enabling enterprises to digitally transform confidently and innovate securely, while reaping the benefits of consolidating disparate security solutions into an integrated, best of breed platform," said Prem Iyer, SVP of Global Ecosystems for Palo Alto Networks. "We are committed to helping our joint customers achieve better security outcomes while protecting the modern connected organization from increasingly sophisticated attacks." The global partnership between Kyndryl and Palo Alto Networks builds on the companies' established collaboration around security services and solutions. In July Kyndryl launched its new Security Operations as a platform (SOaap) solution leveraging Palo Alto Networks Cortex technology to drive operational savings and time-to-value through automation and orchestration. Earlier this year, Kyndryl and Palo Alto Networks, together with Nokia, established an innovation lab in support of joint enterprise customers. By the end of the year, customers will be able to view innovative industrial edge use cases running on cloud, 4.9G/LTE and 5G private wireless connectivity. This will include remote manufacturing process control and real-time analytics on factory production sites, provisioning and management of mobile devices to improve the employee and frontline worker experience for onboarding and communication, and IT and OT security integration for worker safety and operational efficiencies. Kyndryl's industrial edge platform will be integrated with a multi-factor zero trust model built on Palo Alto Networks next-generation firewalls, run on Nokia's MXIE Industrial edge as part of Nokia Digital Automation Cloud (DAC)'s solutions, and with end-to-end managed services provided by Kyndryl. About Kyndryl Kyndryl (NYSE: KD) is the world's largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages and modernizes the complex, mission-critical information systems that the world depends on every day. For more information, visit www.kyndryl.com.

Read More