Story image

A look at the Fortinet-CIS collaboration & how it will change cyber risk management in A/NZ

31 Jul 2017

Fortinet and Australian Insurtech company Cyber Indemnity Solutions (CIS) are collaborating on a security assessment program that will analyse weaknesses in organisations’ security postures.

The two companies will launch the program across A/NZ, but also have plans to expand it throughout the Asia Pacific region in the near future.

Speaking to SecurityBrief, CIS CEO Greg Hodgkiss says that the collaboration introduces key differentiators in risk management.

The risk assessment includes several technologies including technology, user behaviour, best practice protocols and insurance cover.

“Businesses face an ever-increasing range of complex and evolving cyber-security threats yet most businesses lack the budget or expertise to deal with these threats effectively. The most significant damage to any business is the permanent loss of critical business data, which can be a result of an attack, employee maliciousness, or simply human error,” Hodgkiss adds.

CIS will integrate Fortinet’s Security Fabric, including FortiGate enterprise firewall and FortiAnalyzer central logging.

Fortinet’s senior director of Australia, New Zealand and South Pacific Islands Jon McGettigan says that initial rollout through A/NZ first is because both firms have major investment and resources in the area.

He also says Australia’s upcoming data breach notification laws will drive demand for cyber insurance.

“Over the next several months, we will monitor the market response to Fortinet and CIS’s joint offering. If it meets our targets, we will extend the collaboration to more markets in the Asia Pacific region.”

McGettigan explains that channel partners have much to gain from the collaboration.

“The opportunity for the channel is to have a different conversation at a high level in the organisation - cyber insurance needs to be flexible and bespoke to each customer. Creating a robust cyber security posture helps each organisation in being aware of the importance of protecting their critical data, and creates opportunity for the channel to add value through implementation and services to create that solution,” he says.

CIS is also part of ‘Crimson Risk’, an association of cybersecurity companies that provide additional risk assessment, monitoring and consulting services. The new partnership with Fortinet will expand the Security Fabric to include Crimson Risk clients.

Hodgkiss says that the aim is to provide holistic risk assessments that cover all aspects of business risk.

“It takes the form of a comprehensive questionnaire looking at IT, governance and compliance, human capital and third parties, and existing insurance coverage. The assessment report will provide the customer with recommended remediation and mitigation actions including insurance to indemnify them against data loss an additional layer of protection against cyber threats.”

According to Hodgkiss, organisations are reluctant to purchase standard cyber insurance policies because they don’t yet reflect all business risk or cover full data loss.

He says the company has developed a broad coverage and higher indemnity cover for a client’s critical electronic data assets.

“Ongoing threat monitoring, sophisticated artificial intelligence platforms and constant review of the business changes will continue to provide a high level of protection for the business,” he adds.

“Protecting a business against losses associated with cyber risk makes good financial sense and should be a key component of the cyber risk mitigation strategy. To support the risk assessment service, we can now also uniquely offer high indemnity, broad coverage, insurance to compensate data owners for the cost or profit impact of a cyber-attack, or if critical data is permanently lost,” Hodgkiss concludes.

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.