For most organizations, risk has traditionally been measured using quantifiable methods and metrics like financial audit, regulatory compliance, or productivity downtime. Nowadays, cybersecurity has made that task much more challenging. Companies now need to consider new risk factors from cyberattacks, like intellectual property theft, loss of customer data/privacy concerns, and brand and reputation impact. They also need to rethink how they reduce risk to their business in this modern risk paradigm.
Earlier this year, we wrote about the role of cyber insurance in cyber risk management, where we noted that today’s risk mitigation involves a more complex strategy that sits at the intersection of people, process, product, and technology. Our mission is to help companies navigate that complex process. Today we’re pleased to announce that the Forescout Device Visibility and Control platform has been named a Cyber Catalyst by Marsh, the world’s leading insurance broker and risk adviser, as a part of their inaugural program cycle.
Cyber Catalyst is designed to help organizations make well-informed cybersecurity decisions and achieve greater clarity and confidence in navigating the complex cybersecurity marketplace. The program convened eight cyber insurance companies — Allianz; AXIS; AXA XL, a division of AXA; Beazley; CFC; Munich Re; Sompo International; and Zurich North America – with Microsoft serving as program technical advisor, to identify products and services they consider effective in reducing cyber risk.
Cyber Catalyst participating insurers evaluated 150 eligible solutions along six criteria: reduction of cyber risk, key performance metrics, viability, efficiency, flexibility, and differentiating features. The Cyber Catalyst designation was awarded to only 17 solutions including the Forescout Device Visibility and Control platform. The designated solutions received positive votes from at least six of the eight participating insurers, which voted independently. Organizations that adopt Cyber Catalyst-designated solutions may qualify for enhanced terms and conditions on cyber insurance policies from participating insurers.
Managing cyber risk involves two foundational components. The first is gaining complete situational awareness of all connected devices on your extended enterprise networks so you can identify sources of cyber risk. The Forescout platform enables you to discover and catalog all IT, IoT, OT, virtual and cloud endpoints on your network without agents or disruptive active scanning. It gives you a unified, real-time inventory of all network-connected devices across your campus, data center, cloud and operational technology (OT) networks. It then identifies security, configuration and compliance gaps so you can assess risk originating from unauthorized, vulnerable, non-compliant or compromised devices.
Once you identify risk, you must also be able to mitigate it. The ability to remedy the root cause of risk or enforce compensating controls (if the root cause cannot be mitigated) is the other foundational capability for managing cyber risk.
Many cyber security products alert you to risk indicators but fail to then enable mitigation actions. The Forescout platform helps you digitize and automate risk mitigation actions and implement workflows to proactively control network access, enforce device compliance and implement network segmentation. Compensating controls such as network isolation and zoning can be put in place when IoT and OT devices powering digital transformation cannot be remediated or patched.
Read more about the Cyber Catalyst designation program here. To learn more about how the Forescout device visibility and control platform can help you reduce both business and operational risk, visit