Canalys conducted a study into the changing landscape of cyber insurance partnerships and their role in improving customer protection. Canalys Analyst Lisa Lawson highlights her findings.
Cyber insurance partnerships play a key role in providing comprehensive protection
Gone are the days of a one-size-fits-all partner strategy for cybersecurity vendors. The RSA Conference 2024 in San Francisco showcased the shift to diverse and collaborative partner ecosystems – a shift that reflects the rapidly evolving threat landscape. With publicly disclosed attacks surging by 96% in the first four months of 2024, the regulatory environment changing quickly, and the economic impact of breaches, new partner strategies are emerging to mitigate customer risk.
Cyber insurance partnerships are now playing an important role in providing comprehensive protection for customers and outlining best practices and minimum standards in cyber resilience. Cyber insurance companies recognize the value of proactive security measures in risk mitigation and are actively collaborating with cybersecurity and compliance vendors to bring bundled solutions to market, making it easier to procure insurance and mitigate risk. These partnerships are a win-win for the industry and for all parties involved:
- Insurers gain access to new customers with improved security postures.
- Cybersecurity vendors extend their reach to a hyper-targeted audience and provide comprehensive solutions for customers.
- Customers benefit from potentially lower premiums or discounts and post-breach support without falling foul of stipulated terms and conditions.
By embracing these partnerships in different forms, vendors and insurance companies are unlocking a competitive edge and ultimately lowering risk. Cyber insurance companies leverage their vendor partners to help them differentiate by offering value-added cybersecurity and compliance expertise, thought-leadership, tools, and resources to lower overall risk.
Four types of cyber insurance partnerships in the market today:
- Co-marketing partnerships: These partnerships simplify access to coverage by bundling cybersecurity and compliance solutions and tools with insurance, offering valuable co-marketing opportunities, lowering customer risk, and often offering discounts for bundled purchases. For example, Cloudflare’s customers can qualify for lower insurance premium rates and enhanced coverage with their insurance partners.
- Integration partnerships: Other partnerships go beyond co-marketing by integrating cybersecurity products. For example, Chubb and SentinelOne enable policy holders to share health and cybersecurity data, leading to lower premiums, better protection, streamlined renewals, and discounts.
- Cloud partnerships: Cloud giants such as AWS are also partnering with cyber insurance companies to streamline the quotation and cybersecurity evaluation process. AWS now has a cyber insurance partner designation, which enables customers to share their AWS cybersecurity posture with insurance companies via AWS Security Hub, ultimately facilitating faster quotes (within two business days) and unlocking higher coverage limits or reducing premiums for the customer. For example, Cowbell, a cyber insurance provider for small and medium sized enterprises, announced a partnership with AWS to streamline insurance procurement and give AWS customer access to Cowbell’s risk management resources.
- Cyber insurance partner programs: Cyber insurance companies have also created partner programs for cybersecurity vendors to offer solutions directly to their customers. For example, cyber insurance companies including Measured Insurance and Coalition have dedicated partner programs for SaaS cybersecurity providers to offer cyber insurance solutions to their customers.
Bundled cybersecurity and insurance as the new standard
These partnerships strengthen the industry and lower customer risk. Combining expertise, insurance, cybersecurity and compliance tools, the industry can create a unified front against cyber threats. The success of these partnerships could mean even more bundled and unified security and insurance offerings in the future, exemplified by Guardz’s recent announcement that it is now offering cyber insurance alongside its cybersecurity protection platform catering to MSPs and SMBs.
