Today AIG announced a strategic partnership with BitSight to recommend BitSight Security Ratings for Vendor Risk Management to CyberEdge customers. CyberEdge insureds can now benefit from the data-driven insights and continuous monitoring BitSight can provide and be alerted of potential threats to their network, as well as promote understanding of individual company risks.
Vendor risk is incredibly important to manage, given the increasing frequency of third party breaches. According to the 2013 Trustwave Global Security Report on 450 global data breach investigations, 63% were linked to a third-party component of IT system administration. This year it’s even higher: the 2015 Verizon Data Breach Investigations Report states, “In 70% of the attacks where we know the motive for the attack, there’s a secondary victim.” A WSJ article that was just published, Five Simple Steps to Protect Corporate Data, highlighted vendor risk and a solution to help mitigate this risk: security ratings.
Qualified CyberEdge insureds will be eligible to receive a complimentary BitSight Security Rating report to measure the organization’s security performance. CyberEdge policyholders are also eligible for preferred pricing on BitSight’s products and services. Insureds can choose to arm themselves with daily ratings as part of their end-to-end cyber risk management program, allowing them to have insight into cybersecurity risk throughout their ecosystem.
Early adopters, like AIG, are changing the face of the insurance industry and helping transform the way organizations manage security risk. This partnership signifies an important shift in risk management where insurers are providing risk mitigation services to improve the security effectiveness of their policyholders.