A String of Pearls: Coordinated Cyber Risk Management and Breach Response
Andrew McClure
October 17, 2023
- Blog Post
Prevention is a key aspect of cybersecurity for every enterprise and small and mid-size business (SMB). Most VCs in cyber naturally focus their investments on companies that defend the network, applications, and data to prevent breaches and compromises. However, despite the best preventative measures, breaches still occur due to sophisticated attacks, human error, or misaligned security posture.
The impact of a breach is significant to businesses, with an average breach cost of $4.5 million ($9.48 million in the United States) and higher in some industries like healthcare ($10.9 million). This cost is a result of business disruptors including ransomware costs, forensic analysis, data repair and reconstruction, legal and breach coach fees, and identity remediation services. Business interruption, or loss due to business outage, is also a significant contributor, comprising 29% of the total breach cost. Put simply, a security breach is a disruptive and costly event that requires significant recovery time.
Forgepoint Capital invests in a number of companies that offer important detection and prevention capabilities. Given the high incidence and impact of breaches we saw significant opportunity to help companies manage risk throughout the post-breach response and recovery lifecycle. We have developed a “string of pearls” model for cyber risk management to guide our investments in pre- and post-breach areas across the cyber insurance value chain. This includes incubating three startups, tapping into our vast network of exceptional entrepreneurs, experienced technologists, and seasoned operators to build from the ground up new solutions the market demands. Each of our portfolio companies (“pearls”) in these risk management areas complement each other in the breach response and recovery process. The cyber insurance ecosystem is the value chain (the “string”) that ties pre- and post-breach capabilities together – enhancing their overall effectiveness in ensuring cyber resilience and response.
Why We Invest in the Cyber Insurance Ecosystem
Today, companies have a rising need for cyber insurance, incident response, and integrated security capabilities as ransomware incidents continue to climb. As a result, cyber insurance remains the fastest-growing segment of the insurance market. It remains the greatest revenue and earnings growth opportunity across all property and casualty (P&C) lines for insurers. Insurers are also finding more attractive loss ratios and stabilizing their premiums thanks to lower claims, improved cybersecurity practices, and higher policyholder standards. From our perspective, this growing market has significant potential.
Our “string of pearls” investment strategy focuses on helping businesses handle all aspects of cyber risk management through post-breach response and recovery – from underwriting risk and purchasing insurance policies, to working with a breach coach and paying a ransom, to getting systems back online and building a more resilient future. Here’s how our portfolio companies operate within the cyber insurance ecosystem, leveraging synergies to help businesses manage cyber risk.
Before the Breach: Data-Informed Insurance Underwriting
Cyber insurers need cutting-edge insights around enterprise and SMB security posture and risk to underwrite policies. We are proud to partner with CyberCube, a cyber insurance analytics leader that meets these demands. CyberCube collects, classifies, and analyzes telemetry to assess business security posture, providing valuable data and modeling to insurance providers.
Converge Insurance, a cyber managing general agent (MGA) incubated within Forgepoint, combines cyber insurance and advanced data technology to create comprehensive and customized risk transfer solutions.
Managing risk before a breach starts with Managed Security Service Providers (MSSPs) like SolCyber, also incubated within Forgepoint. SolCyber applies solutions that aid in threat detection and response, including ReversingLabs (code and software supply chain vulnerabilities), Constella Intelligence (identity intelligence), and Bishop Fox (attack surface management and response).
Breach Response and Recovery
In the event of a breach, companies need significant support to respond and recover from the incident. Surefire Cyber, also incubated within Forgepoint, provides advanced, tech-enabled incident response and recovery services that address those critical needs. The company helps customers with post-incident forensics and response, negotiate ransoms, investigate business email compromises (BEC), and restore data and systems. As a high-quality case manager and panel provider for leading insurance carriers, their experienced team serves breached organizations through their outside counsel, insurance carrier, or broker to improve incident response outcomes. IDX (acquired by ZeroFox (ZFOX), another Forgepoint company, works hand-in-glove with breach coaches to provide identity monitoring and remediation post-breach.
Post-breach, Surefire helps customers identify cybersecurity gaps, fortify their defenses against future attacks, and establish incident response plans. They then refer customers back to MSSPs like SolCyber. Complementary solutions create real value. For example, Converge offers a 30% discount on cyber insurance for SolCyber customers due to the effectiveness of their risk management framework. SolCyber also allows other managed service providers (MSPs) to leverage their holistic offerings, enhancing security for a broader audience of customers.
Our “string of pearls” approach comes full circle with CyberCube using its analytics engine for cyber insurance risk modeling to aid carriers, reinsurers, brokers, or MGAs like Converge to better underwrite cyber risk.
Integrating Cyber Risk Management through Cyber Insurance
An integrated cyber risk approach in the insurance ecosystem creates synergies that benefit all businesses that experience a breach. Forgepoint Capital is proud to work with outstanding entrepreneurs and companies helping businesses manage risk and navigate the vulnerable period following a breach or compromise through the cyber insurance ecosystem. We look forward to their continued innovation as we collectively work towards a more secure future.