Press release published by permission from Chubb Group of Insurance Companies.
Offers Premium Credit for Organizations
that Implement Testing
WARREN, NJ, December 3, 2007 - In an effort to thwart the increasing amount of cyber-related crime, the Chubb Group of Insurance Companies is encouraging organizations to ramp up network security by offering a premium discount for its CyberSecurity by Chubb insurance product. The premium credit will be available to organizations that implement and regularly test their systems via the new best-practice penetration testing methods as defined by the National Institute of Standards and Technology (NIST).
“An organization’s information is one its most valuable assets,” said Tracey Vispoli, Chubb’s Global Financial Fidelity Manager. “From customer notification to lost sales to stock price plummets, the costs of a data compromise can be staggering. Data breach disclosure laws now in place in more than 30 states are further driving up the costs of a security breach. With cyber-security incidents doubling every year since 1995, regulators, shareholders and customers expect organizations to protect their information and secure systems against attacks or compromise. The NIST standards incorporate state-of-the-practice security controls for information systems and a process to assess the effectiveness of those controls. Regular, ongoing testing is a critical component of any effective security program, and we believe that organizations that effectively implement best-practice testing can reduce their risk of a security breach.”
The testing evaluates a network's ability to protect an organization’s information from unauthorized access and enhances an organization’s understanding of its overall security. As a result, organizations that regularly test their systems can help prevent unauthorized access to valuable information such as customer data. Chubb’s premium discount is available to CyberSecurity by Chubb customers that adopt the new best-practice testing procedures outlined in Appendix G of the soon-to-be-released NIST Special Publication 800-53A, “Guide for Assessing the Security Controls for Federal Information Systems.” The NIST standards are the same ones that are used by the federal government and its support contractors to promote security. CyberSecurity by Chubb helps protect organizations from the emerging risks associated with e-business by providing insurance for direct loss, legal liability and consequential loss through six insurance coverages.
Organizations can qualify for Chubb’s premium credit by using CORE IMPACT software from Core Security Technologies. CyberSecurity by Chubb customers are also eligible for a discount on CORE IMPACT.
“With this program, Chubb continues to demonstrate leadership in the cyber-insurance market, by helping their policyholders improve their security posture and lower their risk profile,” said Jeff Cassidy, vice president of business development, Core Security Technologies. “We share this goal with Chubb, and encourage their customers to test and validate the health of their IT environment.”
The member insurers of the Chubb Group of Insurance Companies form a multi-billion dollar organization providing property and casualty insurance for personal and commercial customers worldwide through 8,500 independent agents and brokers. Chubb's global network includes branches and affiliates throughout North America, Europe, Latin America, Asia and Australia. Additional information on Chubb can be found at www.chubb.com.