The Platform

Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.

Watch a Demo
GigaOm Radar for Attack Surface Management

The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you.  

Use Cases

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk. 

Our Customers

External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.

The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. 

About CyCognito

We believe all organizations should be able to protect themselves from even the most sophisticated attackers.

Contact us
Resources

The knowledge you need to manage and protect your attack surface.

What's New Blog
Perspectives

The Shifting World of Cyber Insurance

Randy-Streu
By Randy Streu
SVP, Global Channels & Alliances
January 5, 2022

Joe Uchill from SC Media shared a critical insight in this article on how the cyber insurance market bubble is bursting. Over the last 16 months, the statistics show a consistent increase in breaches and a rise in insurance payouts and loss ratios. The cyber insurance industry urgently needs to adopt practices that align with the reality of cybercrime.

Historically, insurance risk models have been based and trained on massive sets of historical data, which are modified minimally over time. And the overall direction of the data does not change radically year over year. Historic data is interesting for behavioral patterns but insufficient for predictive breach prevention that changes direction continuously. A company that has been relatively secure and unbreached for the past five years could be breached through an unknown attack vector tomorrow.

Cyber security is unlike any other industry model that cyber insurers have faced before. As a fast-paced and relatively new industry, it challenges insurance companies with the prospect of rapidly changing tactics and models. Digitization has swept over every organization, accelerating technology adoption and fuelling a growing external attack surface. Combine this with skilled attackers who continuously scan the internet for new attack vectors and security weaknesses, and you have an ever-changing IT ecosystem with an evolving threat landscape.

Add to that an over-reliance on outdated tools, increasing ransomware payouts and more avenues for cybercrime and it leaves an organization alarmingly exposed. To combat this apparent rise in risk and the pace of change in cybersecurity, there have been some insurance companies choosing to “opt-out” of the cyber business, while others are raising their rates and lowering their coverage, which is unsustainable. If insurance companies want to stay in the cyber security market and remain profitable, there needs to be a new and agile approach based on modern technology. 

Approaches that mimic attacker behaviors to assess risk not only during underwriting but also continuously throughout the policy will see more success.

The smaller, tech-centric insurance vendors have demonstrated an understanding of this already. Now, it is time for the heavyweights in the industry to adapt or opt-out. Cyber insurers can utilize external attack surface management solutions and look at their top insured organizations and assess their attack surface and associated risks. The CyCognito platform automates the process and combines guidance on the assessment so that users of the platform can clearly understand how much risk is associated. Insurers can immediately determine the real risk associated with an organization and decide whether or not to insure them.

Managing risk won’t be a one-off task, it can be an ongoing process of discerning risk due to the real-time data being fed into the platform. The data can be shared with the insured organizations in order to inform them about what they need to fix in order to potentially get a lower premium. Implementing an attack surface management program that provides external visibility, risk assessment of internet-exposed issues, and guidance to remediate is a strategy that benefits both insurers and the insured.


Topics





Recent Posts








Top Tags



CyCognito Research Report

State of External Exposure Management

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk.

Dummies Book

External Exposure & Attack Surface Management For Dummies

External Exposure & Attack Surface Management For Dummies

As your attack surface has grown to cloud infrastructures and across subsidiaries, attackers are looking for and finding unknown and unmanaged assets to serve as their entry points.

Interactive Demo

Ready to Rule Your Risk?

Request a personalized walkthrough of the CyCognito platform to see how we can help your company identify all its internet-exposed assets, focus on which are most vulnerable to attacks, and accelerate your time to remediating critical risks.