Microsoft has teamed up with cyber insurer At-Bay to offer corporate users of Microsoft 365 lower cyber insurance rates. It marks the first of several potential partnerships with insurers that will see Microsoft link its security and software systems to assess underwriting risk, which will both boost buyers’ cybersecurity and improve affordability of cover.
At-Bay said businesses that adopt security controls, including multifactor authentication and Microsoft Defender for Office 365, will improve their defences to cyber risk and see their premiums adjusted in line with loss history and risk profiles.
“Incentivising the implementation of security controls with improved policy terms and pricing has strengthened the overall security of At-Bay’s portfolio companies. According to At-Bay, their insureds are seven times less likely to experience a ransomware incident than the industry average,” Microsoft said.
Microsoft will roll out similar models with other cyber insurers and use its products to help improve insurers’ data insights for underwriting cyber risk. Customers will be able to opt in to share data and details about their security through Microsoft 365 and its other products, which could bring down their premium rates for cyber cover.
“This model rewards customers with real savings when adopting cybersecurity best practices and gives insurers the information they need to proactively protect their customers against breaches,” Microsoft said. “Insurers struggle to acquire and use dynamic, real-time data needed to mitigate cyber risk,” added the software company.
“For cyber insurance to play a meaningful role in overall risk management, buyers and sellers need the benefit of data and clear visibility into what is covered and factors either minimising or multiplying risk exposure,” said Ann Johnson, Microsoft’s corporate vice-president of security, compliance and identity.
Microsoft is also working with At-Bay to identify other ways to improve businesses’ cyber risk exposures and address any vulnerabilities for Microsoft users.
“An insurance policy is an effective tool to articulate the impact of cybersecurity choices on the financial risk of a company. By offering better pricing to companies that implement stronger controls, we help them understand what matters in security and how best to reduce risk,” said Rotem Iram, co-founder and CEO of At-Bay. “Working with Microsoft enables us to educate customers on the powerful security controls that exist within Microsoft 365 and reward them for adopting those control.