Microsoft Corp. is announcing a new multiyear commitment to help the insurance industry create superior and data-driven cyber insurance products backed by Microsoft’s security solutions. Managing risk is a critical business objective for all companies. Yet, even with the adoption of best-of-breed cybersecurity technologies and best practices, companies can face residual risk due to inconsistent management of apps and other productivity platforms exploited by a quickly evolving threat landscape. To bridge this gap, insurance providers have begun offering policies to help mitigate the impact of data breaches and ransomware attacks.
This new area of insurance is growing rapidly; however, uncertainty is common as insurers struggle to acquire and use dynamic, real-time data needed to mitigate cyber-risk — while growing threats like ransomware drive urgency.
Given the broad adoption of Microsoft solutions in companies of all sizes, Microsoft is working with insurers to address their customers’ cybersecurity needs and reduce insurers’ own risk of loss, through increased data visibility and standardized controls. Insurance carriers, agents, reinsurers and brokers are required to understand and assess cybersecurity threats for each of their insureds.
With this complexity, insurers are seeking increased visibility into each company’s security environment and hygiene to better underwrite new policies. To address this, Microsoft is teaming with key insurance partners to offer innovative data-driven cyber insurance products allowing customers to safely share security posture information through platforms like Microsoft 365 and Microsoft security solutions. All data and details about a covered company’s technology environment will be owned and controlled entirely by that customer, but customers can opt-in to securely share them with providers to receive benefits like enhanced coverage and more competitive premiums. This model rewards customers with real savings when adopting cybersecurity best practices and gives insurers the information they need to proactively protect their customers against breaches.
Partnership with At-Bay
Today Microsoft announces a partnership under this initiative with groundbreaking cyber insurance company, At-Bay. Through its modern approach to risk management, At-Bay assesses the cyber-risk of every company it insures and provides actionable insights on how customers can improve their security posture. Incentivizing the implementation of security controls with improved policy terms and pricing has strengthened the overall security of At-Bay’s portfolio companies. According to At-Bay, their insureds are seven times less likely to experience a ransomware incident than the industry average.
Beginning Oct. 1, businesses in the United States that use Microsoft 365 are eligible for savings on their At-Bay cyber insurance policy premiums if they implement specific security controls and solutions, including multifactor authentication and Microsoft Defender for Office 365. Microsoft is also actively working with At-Bay to identify additional ways to improve the digital risk exposure of its customers and proactively address vulnerabilities. This offer will be available through At-Bay’s broker community and available for customers using any version of Microsoft 365.
Interested businesses can contact their insurance agent to get started. In addition to these security controls, the level of savings is dependent on the loss history and individual risk profile of each business.
“An insurance policy is an effective tool to articulate the impact of cybersecurity choices on the financial risk of a company. By offering better pricing to companies that implement stronger controls, we help them understand what matters in security and how best to reduce risk,” said Rotem Iram, co-founder and CEO of At-Bay. “Working with Microsoft enables us to educate customers on the powerful security controls that exist within Microsoft 365 and reward them for adopting those controls.”
“For cyber insurance to play a meaningful role in overall risk management, buyers and sellers need the benefit of data and clear visibility into what is covered and factors either minimizing or multiplying risk exposure,” added Ann Johnson, Microsoft’s Corporate Vice President of Security, Compliance & Identity (SCI) Business Development. “Microsoft’s partnership with At-Bay brings important clarity and decision-making support to the market as organizations everywhere seek a comprehensive way to empower hybrid workforces with stronger, centralized visibility and control over cloud applications boosting security and productivity.”