Post by rabiakhatun on Nov 3, 2024 11:05:04 GMT 1
I remember a few years ago, in a previous life, we were outsourcing SOC for an international oil company. The contract value was approaching $100 million and one of the conditions was to be financial guarantees for compensation for damage in the event of an attack. It took 9 months to content writing service agree on this, the most difficult part of the contract. And now in the West it is becoming, no, not mainstream yet, but already a common practice. For example, Aqua Security announced the provision of guarantees for $1 million in case of hacking of cloud clients protected by their solution. Yes, there are conditions and restrictions on receiving compensation (minimum contract amount, included components, specific definition of "cloud attack", etc.), but still it is a significant step forward.
In September 2022, Defendify also offered $1 million in compensation in the event of an information security incident occurring in an organization protected by its solution. The compensation covers a wide range of incidents - ransomware, compliance violations, business email compromise (BEC), or any financial losses resulting from an information security incident. Unlike cyber risk insurance, Defendify's offer does not require signing any contracts, underwriting, claim settlement, etc.
A similar story with the outsourced SOC from Arctic Wolf, which provides exactly the same guarantees of $1 million as Defendify, and for exactly the same incidents, but judging by the mention of underwriting, they are still talking about cyber risk insurance. The client receives full compensation of a million if he previously invested in the full portfolio of the information security company; the compensation amount is halved if the customer used the MDR service and one of Arctic Wolf's products for analyzing the customer's security or raising the awareness of its employees.
In September 2022, Defendify also offered $1 million in compensation in the event of an information security incident occurring in an organization protected by its solution. The compensation covers a wide range of incidents - ransomware, compliance violations, business email compromise (BEC), or any financial losses resulting from an information security incident. Unlike cyber risk insurance, Defendify's offer does not require signing any contracts, underwriting, claim settlement, etc.
A similar story with the outsourced SOC from Arctic Wolf, which provides exactly the same guarantees of $1 million as Defendify, and for exactly the same incidents, but judging by the mention of underwriting, they are still talking about cyber risk insurance. The client receives full compensation of a million if he previously invested in the full portfolio of the information security company; the compensation amount is halved if the customer used the MDR service and one of Arctic Wolf's products for analyzing the customer's security or raising the awareness of its employees.