Joint support for SMEs in preventing cyber attacks
Helvetia Insurance sets new standards in supporting its corporate customers in the area of cyber security: Helvetia is the first Swiss insurer to work with the bug bounty provider GObugfree to specifically help its (SME) corporate customers uncover and close effective security gaps.
Cyberattacks are an increasing business risk and cost billions of Swiss francs every year. A Swiss SME quickly suffers a loss of over CHF 100,000 in the event of a successful cyberattack; serious attacks involving data theft and encryption can run into the millions. SMEs must proactively protect themselves against these risks.
Only one in ten SMEs in Switzerland has cyber insurance
Solid IT protection measures form the basis of any cyber protection. However, the optimal solution consists of a balanced combination of IT security measures and insurance protection against cyber threats. After all, if criminal elements manage to penetrate a company's IT environment despite all the security precautions, a suitable insurance solution can help cover the residual risk. It is therefore all the more surprising that only one in ten SMEs in Switzerland has taken out cyber insurance.
Insurance industry increases requirements
An SME that wants to take out cyber insurance with an insurance provider must have a certain level of basic protection. Tobias Seitz, Head of Underwriting Technical Insurance Region East at Helvetia, states: "SMEs often think they are too insignificant to be a target of cybercriminals. However, this is a fallacy. Cyberattacks are often untargeted - you cast the net and see what you catch. Proactive protection measures are therefore critical for SMEs." Due to the aforementioned basic requirements for taking out an insurance solution, there are always times when applications have to be rejected. This is in order not to disadvantage other insurance customers who meet the necessary requirements.
Knowing risks in order to combat them
GObugfree supports SMEs with a security assessment to classify the current status of IT security measures, a so-called community bug test. Security researchers from the GObugfree community examine the existing security situation of a company. Christina Kistler, Chief Commercial Officer at GObugfree, says: "The bug test is very popular with SMEs. With this fast and cost-effective approach, an initial pragmatic assessment of the attack surface and any vulnerabilities can be created. Companies receive recommendations for action, where and with which measures they can start to improve their cybersecurity." Often, the bug test is the launching pad for a bug bounty program, whereby ethical hackers are rewarded for discovering vulnerabilities in organizations' systems. A bug bounty program provides ongoing protection as the company continuously addresses vulnerabilities and improves in the process.
Prevent instead of pay later
If a cyber incident results in financial damage, the corresponding insurance cover takes effect. In addition, in the event of a claim, insured companies at Helvetia can access a network of experts to help deal with an incident. But cyber insurance cannot "conjure up" deleted data, for example, and despite professional communication with the support of PR experts, there is still a risk in the future that a company's reputation will be damaged after a cyber incident, at least in the short term. The idea of prevention is therefore also central for Helvetia in the cyber area. The company wants to continuously sensitize its customers to the issue of cyber security and give them access to the latest, agile security methods so that they can recognize the means by which they can improve their security. Tobias Seitz says: "This not only benefits our customers, but also the market as a whole. The better Switzerland is positioned, the less attractive our country is for cyberattacks. The partnership with GObugfree is an important step to further strengthen Swiss companies and the market."
Source and further information: Helvetia Insurances / GObugfree