A survey by international law firm Pillsbury Winthrop Shaw Pittman found that only 51% of corporate board members, C-level executives, and in-house counsels had dedicated cyber insurance, while another 47% had a corporate policy in place for responding to ransomware attacks. Moreover, the survey found that only one out of six had a dedicated in-house cybersecurity response team.
It is evident that more needs to be done about cybersecurity, but as hackers and other threat actors become more creative with their cyberattacks, so must companies be more active in protecting their assets from breaches.
Last month, Toronto-based global cyber insurance specialist BOXX Insurance acquired the cyber threat intelligence platform Templarbit – a company whose technology enables companies to learn if their network has vulnerabilities that hackers can exploit.
Insurance Business spoke with BOXX Insurance co-founder and CEO Vishal Kundi (pictured) to learn more about the acquisition, and why the company believes so much in taking a proactive stance in protecting cyber assets.
BOXX is specialist cyber insurance and protection company helping individuals, families and small businesses become cyber resilient and digitally confident.
Our mission is to make the world a digitally safer place - BOXX focuses on helping small & medium sized businesses as well as individuals and families, stay ahead of digital threats.
BOXX is HQ-ed in Toronto, with offices and presence in the US, Switzerland, Middle East and India. In Canada and USA, we operate as an MGA and partner with brokers to provide our flagship all-in-one cyber insurance and protection products: Cyberboxx Business Edition and Cyberboxx Home Edition. Across the world, we license our technology and services to insurers and large banks and retailers on a private label basis.
We partner with government bodies and regulators, supporting initiatives to drive home the importance of digital safety – this year we launched our partnership with the Cyber Security Authority of Singapore as part of the Singapore government’s Cyber Safe program.
The flip side of having digitally savvy small businesses and an increased reliance on remote work is that malicious actors get more opportunities to strike. The range of potentially vulnerable enterprise assets is dynamically swelling and, as a result, companies big and small are sailing into the perfect storm of cybercrime. Cyber criminals particularly see smaller businesses as easy slow-moving targets. Ransomware raids, data breaches, supply chain attacks, and phishing scams have skyrocketed over the past two years and aren’t going anywhere anytime soon.
According to our research at least half of all reported cyberattacks on organizations originated from an unknown or crudely managed asset. To emerge unscathed, businesses need to know what components of their digital postures are the most enticing when put through the lens of an attacker’s mindset. Such visibility is key.
While relatively young, Templarbit has built state-of-the-art technology that alerts companies when their platform identifies vulnerabilities in their network that hackers can exploit. The platform autonomously discovers, classifies and analyzes an organization’s entire landscape of digital assets, the unique risk profile for each digital asset and the real business costs that would be incurred if a digital asset was compromised.
Building Templarbit capabilities into our offering will further strengthen and enhance these capabilities to meet the need for our target customer segment.
BOXX’s purchase of Templarbit shows how strategically important we believe proactive cyber risk protection is to the continued growth of our business. We can now provide enhanced levels of insight for customers and partners to better understand their vulnerabilities and provide focus and directed support on how to address risk mitigation to better predict and prevent cyber risks from happening.
In providing an enhanced level of support and protection we help our customers predict, prevent, respond to, and recover from, cyber incidents faster and better.
The data we produce through this approach helps ensure we continue to improve and refine our risk assessment and pricing models and ultimately ensure we can help our brokers and clients optimize their cyber insurance spend. Anecdotally, we have seen that premiums can more than quadruple between a company that has good cyber security and one that doesn’t.
Over 20% of Canadian businesses reported a cyber incident (source: Government of Canada) with small businesses being targeted by cybercriminals because they are often easier to break in to.
Cyber threats are always evolving, with the most common attacks against small businesses continuing to be:
On the global stage, Canada is well respected for its approach to cyber security. You can see this in a recent global benchmarking assessment, The Cyber Defence Index. Canada actually ranked fifth among 20 countries in its preparation for and response to cybersecurity threats. Australia was ranked number one. Canada’s average score of 6.94 was only narrowly behind the United States (7.13).
The ratings were broken into four categories, which were given weights to get each country’s final score: Canada scored 6.45 on critical infrastructure (USA 7.49), 7.12 on cybersecurity resources (USA 7.9), 7.29 on organizational capacity (USA 6.0) and 7.04 on policy commitment (USA 6.14). Canada ranked slightly higher on policy commitment which may reflect the federal government’s proposed cybersecurity legislation, demands on Rogers Communications after its huge network outage, and the proposed updating of the private-sector privacy law.