Cyber criminals have tarnished the reputation of computer hackers worldwide. Of course, some hackers use their expertise for malicious deeds, but there’s also a “friendly hacker community” working with personal and commercial entities to test cyber exposures and defenses.
Coalition, a technology-enabled cyber insurance platform, has announced it’s tapping into the power of the ethical hacker by partnering up with bug bounty and vulnerability disclosure platform provider, HackerOne.
Together, both companies aim to use hacker-powered security testing to make the internet a better place. Coalition founder and CEO, Joshua Motta, hopes to offer lower cyber insurance premiums to small and midsize businesses, with the knowledge that “this partnership will put policyholders in a much stronger position to defend themselves”.
“Technology vulnerabilities are among a company’s greatest risk exposures, but are all too often discovered only after the damage has been done. By partnering with HackerOne, we’re literally enlisting thousands of ethical hackers to protect our clients,” Motta said.
“We founded Coalition because we believed that existing approaches to cybersecurity and cyber insurance were broken. This partnership is a first of its kind designed to reward organizations that use risk management tools like those provided by HackerOne.”
Coalition policyholders will be able to create a HackerOne vulnerability disclosure program using the HackerOne Response app, which is now available at no additional cost via Coalition’s risk management platform. The app allows companies to receive and respond to vulnerabilities discovered by trusted hackers before criminals can exploit them.
They also have the option to launch a bug bounty program, which incentivizes the disclosure of cyber vulnerabilities, and have access to other HackerOne services under the arrangement. Any company with a vulnerability disclosure or bug bounty program is eligible for lower premiums on Coalition’s cyber and technology errors & omissions insurance.
“Unknown security vulnerabilities pose serious risk to companies and their customers,” said Alex Rice, CTO and co-founder, HackerOne. “We are excited to partner with Coalition to help these organizations reduce their risk and premiums by engaging the friendly hacker community."
“We see Coalition as one big exercise to align incentives into a mold where everyone is interested in reducing the cyber risk surface,” Motta told Insurance Business. “We continuously monitor our policyholders, but this new partnership with HackerOne adds a community of hundreds of thousands of human offensive experts who can join us in this monitoring exercise.
“As an insurance firm, we’re able see the interplay between the protective actions and technology controls companies are taking, with the actual losses they’re suffering. We understand those technology vulnerabilities, and this was an opportunity for us to form a really novel partnership to directly tackle that problem.”
Related stories:
Coalition launched to tackle cyber threat with tech
Cyber expert weighs-in on Meltdown and Spectre computer flaws