At-Bay Stance aims to address security gaps by centralizing and prioritizing risks, providing support to mitigate and respond to threats in conjunction with cyber insurance coverage. Credit: Photon Photo/Shutterstock Cyber insurance provider At-Bay has announced the launch of a new InsurSec solution to help small-to-mid sized businesses (SMBs) improve their security and risk management postures through their insurance policy. The firm describes the At-Bay Stance platform as a “world’s first” that aims to addresses major security technology and skills access gaps by centralizing and prioritizing risks, along with providing expert support to mitigate threats – managed in conjunction with cyber insurance coverage.The emergence of InsurSec technology reflects a cyber insurance landscape that has seen significant change recently. As the frequency and severity of ransomware, phishing, and denial of service attacks have increased, demand for and conditions relating to coverage have evolved. Policies are becoming more diverse, complex, expensive, and harder to qualify for, presenting CISOs and their organizations with new challenges and considerations for optimal cyber insurance investment.At-Bay defines an InsurSec solution as an end-to-end approach to protecting businesses from cyberthreats by bringing insurance and security together. It provides security services including threat prevention, detection, recovery/response, and risk intelligence – delivered by the insurer in conjunction with coverage. At-Bay Stance integrates security controls, attack prevention, incident responseTraditionally, At-Bay has used proprietary security scans and active risk monitoring to assess organizations’ cyber risk postures. However, simply scanning a company’s external attack surface is no longer enough to tackle today’ s complex threat landscape, the firm said. At-Bay Stance, therefore, features several elements that combine to provide more holistic and effective risk management to users, At-Bay added. These are: At-Bay Stance Exposure Manager is a purpose-built software platform that centralizes threat and vulnerability data by integrating existing security controls from inside a company with At-Bay’s external scans.At-Bay Stance Managed Security offers in-house experts who provide intelligence-powered recommendations to businesses on what to do to stop attacks before they happen. This team will help businesses with remediation, in addition to proactively sharing security recommendations and insights.At-Bay Response and Recovery provides in-house incident responders who can be immediately deployed to understand the root cause of incident, evaluate the impact, and develop the appropriate plan to get customers operational as soon as possible.At-Bay Security Partner Network provides discounts on top-performing third-party security products and solutions.At-Bay Stance will be available to At-Bay customers purchasing a new Cyber E&S policy from May 1 or renewing policies as of August 1. At-Bay will be showing the product at this year’s RSA Conference, booth ESE-19.InsurSec solutions have significant potential value, trust is key to successInsurSec solutions are new, emerging offerings, but the concept behind them and its potential to add value to involved parties is something being recognized more widely, particularly for SMBs and organizations struggling with an adverse blend of low maturity and cost constraints. “I think the insurance market is recognizing that their future offering in this space has to grow beyond simple loss protection,” Paul Watts, distinguished analyst at the Information Security Forum, tells CSO. “Providing complementary services to help organizations with proactive and reactive management of cyber risk could also help foster stronger relationships between insurer and client.”Both parties stand to benefit here – by engaging in this way, risk is better (and jointly) managed, Watts says. Insurers are mitigating losses, and clients are drawing down on capabilities that were previously too expensive for consideration and could see lower premiums as a result. From an insurer’s perspective, they stand to gain access to a whole lot of additional data that will help them to hone their products, offering increased value to clients whilst managing their loss opportunities in a more optimal way, Watts adds.“That requires some real trust to be in place – clients will be hesitant to allow insurers to get that level of intimacy with their security operations. It’s early days, but I think the foundations of mutual trust and transparency are starting to appear to enable this.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe