The Gately Report: Cowbell Cyber Partners to Benefit from New UK Operations, Further Expansion
Plus, a second, massive data leak has followed an earlier ransomware attack on Oakland, California.
Shutterstock
Channel Futures: Will the launch of the U.K. operations create new opportunities for Cowbell partners? And if so, how?
Isabelle Dumont: A key aspect of Cowbell is the fact that we also provide a lot of advice to our policyholders to improve their risk posture, and that comes along with having a portfolio of vetted security solution and security partners so that, for example, if they need help with endpoint protection or they need help with mobile, or they need help with securing their manufacturing operations, we can point them to a set of technology partners. In the United States, we’re working with about 70 different security vendors and technology vendors, and we do plan on replicating that in the United Kingdom. There are companies like Microsoft where it’s already obvious because they’re global, so that’s going to be a natural transition. But then we’re also looking at the local ecosystem of security vendors and what makes sense for us to do in the United Kingdom.
CF: With the new U.K. operations, what is Cowbell’s overall footprint now?
Matthew Jones: We would expect that we’ll be up and running selling policies in the United Kingdom around the midpoint of this year. We’re very excited for that, as I’m sure you can imagine. We’re really putting the finishing touches now over the next couple of months towards the product that we’ll be launching in the United Kingdom. And we do have some other markets in mind, both close to the United States and also close to the United Kingdom. And again, cyber risk doesn’t really respect boundaries and so we feel very confident about our ability to apply that technology in other markets. And some of the things that we look out for are SMEs’ recognition that cyber risk is something that they should be doing something about, and the ability for us to get a product into these countries and kind of get ready. And I’m pretty confident that maybe by the end of this year, but certainly in 2024, you can expect that we’ll be beyond the United States and the United Kingdom.
CF: Cowbell has grown its risk pool internationally to 35 million SMEs. How do your company and partners benefit from that?
Dumont: The risk pool is something that’s unique to us when we enter the cyber insurance market. We felt we needed to have a good grasp of the risk landscape and the cyber threat landscape. So we started to ingest and evaluate as many accounts as we could in the United States within our market segment. We’re focusing on SMEs, which we define as businesses with up to $1 billion in revenue. So basically that probably means that we have basic risk insights for these 35 million accounts. We know their internet footprint. We know some of the technologies they use. We know their size and so on. And that gives us an ability to really operate better at two levels. First, at a macro level, it gives us an overview of general risk and market trends. If we see something evolving in the overall market with 35 million, we’re pretty much confident that it’s a trend that we need to follow. But then when it comes to insurance and underwriting, it means that we have pre-assessed and almost pre-underwritten all these accounts. And that’s our ability when someone comes to us with an insurance application, when a broker says, “Hey, I’m interested in bringing coverage to this account,” we can turn that around pretty much immediately and offer a quote and an issue of policy in almost real time.
CF: What sort of growth is Cowbell’s partner ecosystem experiencing? Besides vendors, are there other types of partners that Cowbell works with?
Dumont: We work with a lot of different partners. Security are probably the closest ones to us and we went on that journey about two years ago where we had a lot of education to do on how to work together between security and insurance. We have a lot of different business models, different priorities and different ways to work deals, and so on. We launched Cowbell with 20 partners in 2021 and we have 70 now. So it’s a pretty reasonable growth. There are a lot of other partners. We buy data to help with our risk assessment, so we work with companies like Verizon. And we work with DarkOwl. You could classify them as a security company. They monitor the dark web for us and tell us whether some of our policyholders have leaked data on the dark web. And then we work a lot with associations. And also from a government point of view, some of the the organizations at the government level are pretty active in working on strengthening the cyber resilience of SMBs. So we have a partnership with the Small Business Association (SBA) and their digital initiative. We’re also working with NIST, for example. They’re in the process of revamping the cybersecurity framework. It was very much designed when they started for larger organizations and they’re taking a path where they want to help the small and medium-size segments. So we’re actively working with them as well to share what we’ve learned in the market.
CF: Cowbell recently opened a new technology center in India. How is that benefiting the company and its partners?
Dumont: Founder and CEO Jack Kudale always says we built two companies. First, we built a cybersecurity company, and then we laid on top of that a cyber insurance company. And I totally agree that you can’t insure risk if you’re not very comfortable with the risk you insure. So we need to understand cybersecurity very well. So there’s a lot of technology going on into Cowbell, not just on security, but also we really rebuilt the distribution of cyber insurance and really digitized the entire process. So there’s also a lot of technology with that. And we felt that opening our India center is a way for us to reach a lot more technology talent to maintain our growth, especially as we expand to new markets.
Matthew Jones: Especially when you think about not just the new markets, but as we think about supplementary products and expanding what we’re doing, the India technology center is really a unique opportunity for us to accelerate a lot of the technology development that we’re doing. There’s just so much opportunity out there right now and there are so many great ideas that we have bubbling up through the team at Cowbell that by opening this technology center, we have the opportunity to go and execute on those a lot faster than we otherwise would.
CF: What are some of the latest trends in cyber insurance? Just about everybody needs it and it can be difficult to obtain. And getting complete coverage isn’t always possible.
Dumont: What most insurers like us require is basic cybersecurity hygiene. We’re really asking for things that everybody should have in place, like multifactor authentication (MFA) on their email accounts and backups, and some training of employees against phishing email. There was a little bit of a pushback maybe two or three years ago. But what we see nowadays is a lot of the policyholders we’re dealing with are welcoming those requirements for cyber insurance because it helps them justify their budget for security. And the results are starting to show. When we have policyholders with us for 12 months or more, we’ve started to see a significant improvement in their risk profile, actually 9% over their industry peers. So we’re really looking at it as a win-win for everybody where we’re demanding a little bit more, but it’s a benefit to the policyholder for things they might not realize they should have. And nobody wants to have a cyber incident, period.
Jones: A couple of months ago, Isabel’s team launched Cowbell Academy, which is a platform that is designed to help agents and brokers across the United States understand what cyber risk is, but then understand what cyber insurance is and, of course, specifically what Cowbell can do for these partners. That’s really just flown off the shelves in the last couple of months or so. And we’re really happy about that because it shows that there’s just this kind of underlying determination to figure out what is this and how do we get SMEs covered.
CF: How does the evolving cyber threat landscape impact the cyber insurance industry? And is Cowbell shaping its offerings based on threat landscape changes?
Dumont: We’re in the same boat as the cybersecurity market, which means it’s never going to be done. There are always going to be new threats. The bad guys are as creative and almost as well funded as the security companies. So they will always come up with the next thing, which means we will have to evolve our cyber insurance product to meet those new requirements. It’s an ongoing process. The benefit of having a single vertically integrated platform, which is what we have here at Cowbell, is that we’re able to ingest new insights and change our own internal view of risk just as cyber risk is changing and just as fast as cyber risk itself is changing. And that was a deliberate decision by the founding team. We don’t suffer from a hodgepodge of different systems all patched together with sticky tape, which makes our life easier with keeping up with what’s happening in this space.
CF: What sort of feedback has Cowbell been receiving from partners?
Dumont: From the technology of security partners, what we hear from them is insurance is a new world and they’re very eager to learn because by now they know that cybersecurity technology by itself is not sufficient to protect a business from a cyberattack. It works in 99% of the cases, but for the last one person, you need something else. So they’re very eager. We’ve seen a big transformation over the past two years where I had discussion with them [and they say], “Cyber insurance? What?” And now they’re proactively reaching out to us, wanting to partner with us so that when they have a question from their customers, they have a partner like Cowbell to work with to offer cyber insurance to their customers.
CF: What can partners expect from Cowbell in the months ahead further into 2023?
Dumont: There are a lot of different aspects to cybersecurity and managing technology. So we’re just getting started. There’s so much to cover, but we’re always adding in the area of compliance, helping our policyholders solve their compliance challenges. We need to do more in the area of backups, identity management, and after that everything that follows any of the technology trends. There’s obviously the big elephant in the room, which is artificial intelligence (AI) and the new types of problems that it causes for cyber, and how you secure it and so on. So I expect a lot of development to take place there.
In other cybersecurity news …
In February, the City of Oakland declared a state of emergency after a ransomware attack hampered local government operations.
Now, the city is confirming a massive second data leak by the Play ransomware group, which claimed responsibility for the ransomware attack.
“We recently became aware that the same unauthorized third party claiming responsibility for the ransomware incident has posted additional data allegedly taken from our systems during the incident in February to a website not searchable via the traditional internet,” the city said. “We are working with third-party specialists and law enforcement to investigate and we will continue conducting a thorough review of the involved files.”
The stolen data include the personal information of certain current and former employees, and a limited subset of residents, such as some individuals who filed a claim against the city or applied for certain federal programs with the city. It’s mailing notification letters to impacted residents to provide them with further details and resources to help protect their personal information.
Sally Vincent, senior threat research engineer at LogRhythm, said the people who have had their personally identifiable information (PII) leaked from this hack are already becoming victims of financial crimes.
“These double extortion attempts are becoming routine and can lead to lawsuits from victims whose data was leaked,” she said. “Cities need to have a robust cybersecurity posture to be able to defend against these attempts to steal and extort data as long as these hackers may continue to profit from their crimes. In addition to other preventative measures like password hygiene, threat detection, and real-time monitoring and visibility capabilities, this posture should incorporate efficient incident response strategies. Prioritizing security and protecting sensitive data also requires continuous patching, creating backups and putting emphasis to educational training.”
Daniel Selig, security automation architect at Swimlane, said the hacking group has released an additional 600 gigabytes of data, following the initial 10 gigabytes that was revealed last month.
“Data compromised in the leak includes personal documents stolen from the city’s police department, including information about the city’s mayor,” he said. “What’s more, the operations of several vital city services have been affected due to the attack and resulting breaches. The city was finally able to reinstate its 311 phone line, its system for city contracts and its online permit center just last week. Some services remain crippled.”
In order to reduce the likelihood of such attacks and ensuing breaches in the future, organizations must implement low-code security automation to assist in detecting and responding to threats in real time by enabling total visibility into IT infrastructures, Selig said.
“Endpoint security products that incorporate low-code security automation provide businesses with a coordinated protection plan that, in the end, safeguards citizens by keeping the most important data safe and secure from outside threats,” he said.
Just a small volume of security exposures can put more than 90% of an organization’s critical assets at risk of compromise.
That’s according to XM Cyber‘s latest research, produced in collaboration with the Cyentia Institute. It analyzed more than 60 million exposures in over 10 million entities.
Only 2% of security exposures can actually lead to critical assets, and most exposures (75%) along attack paths lead to dead ends. This comes as many CISOs and security teams are faced with an overwhelming volume of exposures to validate and analyze, and struggle to prioritize remediation efforts.
The report also conveys the importance of having strong security controls for both cloud and on-premises environments. Seventy-one percent of organizations have exposures in their on-premises networks that put their critical assets in the cloud at risk.
Other key findings from the latest XM Cyber research include:
The average organization has 11,000 exploitable security exposures in a given month.
Once attackers pivot from their on-premises to cloud environment, 92% of critical assets lie just one step away.
Techniques targeting credentials and permissions affect 82% of organizations and exploit over 70% of all identified security exposures.
Zur Ulianitzky, vice president of research at XM Cyber, said isolated exposures that can’t be used by attackers to compromise critical assets is creating a lot of wasted remediation workload.
“However, it was of particular interest that our research found that approximately 2% of exposures are located on choke points — entities through which multiple attack paths converge en route to critical assets,” he said. “If your organization is looking for quick wins to reduce considerable risk, these offer compelling focal points. Organizations must focus on remediating choke points so that they can practically eliminate all attack paths to critical assets.”
Organizations can’t realistically remediate all exposures in their environment, Ulianitzky said. Even with the existing prioritization tools, the lists are still too long.
“Moreover, they don’t look at whether these exposures are on an attack path to critical assets,” he said. “Unfortunately, our industry tends to overrate everything as critical, while offering very little to help organizations determine whether a risk can be safely ignored, delayed or otherwise deprioritized. Part of the challenge is that it’s very difficult to rule out the possibility that threats and vulnerabilities can negatively impact an organization. This is where seeing the adversary’s perspective through attack path analysis is extremely valuable. We’re able to determine that the necessary pre-conditions for exploiting certain paths do not exist (and know if that changes in the future).”
South Dakota and Alabama are the top two states most at risk of cyber crime, while eastern states are predominantly most at risk.
That’s according to a new study by Sprinto, a security compliance software provider. The most frequent types of cyber crime are non-payment/non-delivery, personal data breach, credit card fraud, identity theft and social media.
Sprinto analyzed the most recent data from the Internet Crime Complaint Center (IC3) on the states most at risk of cyber crime attacks to underscore how individuals and businesses across states can exercise safeguards.
Businesses in South Dakota and Alabama lose as much as $59,960 every year to fraud. New York ranks third, with an average loss of $32,040 per complaint.
Delaware, Massachusetts, Georgia, Vermont, New Jersey, California and Kansas rounded out the top 10.
At the other end of the scale, Indiana saw the lowest losses from cyber crime, with an average loss of $5,430 per fraud complaint.
The research also reveals that business email compromise (BEC), also known as email account compromise (EAC), is the costliest type of fraud, ranking as the No. 1 most costly across 42 states.
Organizations are losing an average of 5% of their revenue to fraud each year, and the estimated cost of fraud for U.S. financial institutions in 2021 was $4.2 billion.
“Irrespective of which state one belongs to, when it comes to technology and data security, people (businesses included) should think about it in the context of risk management,” a Sprinto spokesperson said. “They should consider the potential risks associated with any technology and take steps to mitigate those risks. This means adopting a proactive approach to data security, including regularly updating all software, using strong passwords, and being vigilant against phishing and other types of cyber threats. In essence, adopting a security-first approach to technology, where you are prioritizing data security over convenience and speed, and are willing to invest time and resources in cybersecurity measures, is the surest way of reducing and even preventing cyber crimes of such scale.”
South Dakota and Alabama are the top two states most at risk of cyber crime, while eastern states are predominantly most at risk.
That’s according to a new study by Sprinto, a security compliance software provider. The most frequent types of cyber crime are non-payment/non-delivery, personal data breach, credit card fraud, identity theft and social media.
Sprinto analyzed the most recent data from the Internet Crime Complaint Center (IC3) on the states most at risk of cyber crime attacks to underscore how individuals and businesses across states can exercise safeguards.
Businesses in South Dakota and Alabama lose as much as $59,960 every year to fraud. New York ranks third, with an average loss of $32,040 per complaint.
Delaware, Massachusetts, Georgia, Vermont, New Jersey, California and Kansas rounded out the top 10.
At the other end of the scale, Indiana saw the lowest losses from cyber crime, with an average loss of $5,430 per fraud complaint.
The research also reveals that business email compromise (BEC), also known as email account compromise (EAC), is the costliest type of fraud, ranking as the No. 1 most costly across 42 states.
Organizations are losing an average of 5% of their revenue to fraud each year, and the estimated cost of fraud for U.S. financial institutions in 2021 was $4.2 billion.
“Irrespective of which state one belongs to, when it comes to technology and data security, people (businesses included) should think about it in the context of risk management,” a Sprinto spokesperson said. “They should consider the potential risks associated with any technology and take steps to mitigate those risks. This means adopting a proactive approach to data security, including regularly updating all software, using strong passwords, and being vigilant against phishing and other types of cyber threats. In essence, adopting a security-first approach to technology, where you are prioritizing data security over convenience and speed, and are willing to invest time and resources in cybersecurity measures, is the surest way of reducing and even preventing cyber crimes of such scale.”
Cowbell Cyber partners have a lot to look forward to. The provider of cyber insurance for SMEs has launched its United Kingdom operations and has plans for further expansion.
Cowbell Cyber’s Matthew Jones
That’s according to Matthew Jones, Cowbell’s chief strategy officer. Founded in 2019, Cowbell is backed by 20 global (re)insurance partners. It serves SMEs in 50 U.S. states and the District of Columbia.
Cowbell has grown its risk pool internationally to 35 million SMEs. That allows the company to pre-assess risk and deliver coverage while maintaining an accurate underwriting process. Cowbell’s risk pool also contributes to maintaining proactive visibility into the macro-level cyber threat landscape in the SME market.
New Cowbell Technology Center
To further extend the company’s global focus on innovation for cyber insurance, Cowbell recently opened a new technology center in Pune, India. This follows a string of initiatives the company has launched over the past year. That includes Cowbell 365, which offers policyholders support for risk improvement and incident response, and the introduction of Cowbell’s Adaptive Cyber Insurance offering.
Cowbell continuously evolves its policies to remain aligned with the policyholder’s cyber exposures. It also does so to avoid coverage gaps and bring transparency into renewal terms throughout the policy period.
Cyber Doesn’t Recognize Borders
Cowbell Cyber’s Isabelle Dumont
To learn more about Cowbell, we spoke with Jones and Isabelle Dumont, senior vice president of tech partnerships and marketing.
“The really interesting thing about the United Kingdom right now is that it’s actually in many ways in the state that the U.S. market was a few years ago,” he said. “So if you compare penetration among SMEs in the United States versus the United Kingdom, far fewer SMEs are buying cyber insurance in the United Kingdom than in the United States. And unlike property insurance, which in many ways is defined by borders, cyber insurance knows no bounds. Cyber doesn’t recognize borders. And so after the last three-and-a-half to four years of building technology, what we own is a technology asset that enables us to select risk in almost any market. And given what we’ve learned over the last few years, we also feel very confident about being able to apply that to helping our customers reduce their risk over time.”
Scroll through our slideshow above for more from Cowbell and more cybersecurity news.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like