Fireeye And Ace Group Announce Strategic Alliance To Mitigate Cyber Risk Featured

Fireeye And Ace Group Announce Strategic Alliance To Mitigate Cyber Risk

FireEye, Inc. have announced a strategic alliance with ACE Group, a global property and casualty insurer. The relationship brings together expert technical insight from FireEye to assess an individual organization's threat exposure, with ACE's Loss Mitigation Services program, a multi-tier offering that helps organizations fully understand and mitigate their cyber security risk.

Together, the companies will offer improved visibility into the cyber security preparedness of each client, allowing cyber insurance to be tailored specifically for their risk profile.

Today's changing threat landscape makes it impossible for even the most security-conscious organization to guarantee they will not be the victim of a cyber attack. Traditional defenses are proving ineffective against increasingly sophisticated threat actors, making breaches inevitable. The current state of cyber security requires a dual focus by companies: increase protection to reduce the likelihood of an attack; and insure themselves against the losses in the event that an attack is successful.

The alliance offers a new way for the insurance industry to help cyber policyholders. FireEye will provide its leading technology, threat intelligence and expertise to help monitor for suspicious activity, provide context for security alerts and respond to any level of breach. It will enable threat intelligent underwriting and claims to provide risk transfer acceptance and make claim decisions based on the current and available threat intel -- ultimately resulting in combined operational and financial resilience in case of a security breach.

"Risk mitigation is at the heart of all security," said Steve Pataky, vice president of worldwide channels and alliances at FireEye. "Our alliance with ACE Group is a natural fit as it allows organizations to assess and address their exposure to cyber threats and minimize this exposure across the risk spectrum."

In addition to incident response, FireEye will offer four tiers of services to ACE policyholders:

Cyber Threat Education Session: Countering persistent threat actors that are politically or financially motivated requires an understanding of how and why these attacks happen. In this one-hour session, FireEye will educate ACE policyholders on why traditional defenses such as firewall and anti-virus are sometimes limited in the detection, prevention and investigation of today's targeted attacks.

Cyber Strategy Technology Briefing: Using a pre-assessment survey, FireEye will assess the ACE policyholder's ability to detect and respond to an Advanced Persistent Threat (APT), deliver a three-hour briefing on the current threat landscape, and provide high-level recommendations on improving their incident response plans.

Cyber Threat Health Check: This technology-based assessment provides a more in-depth view of an organization's security environment without the use of extensive software deployments, allowing a less intrusive assessment of their security posture.

FireEye as a Service(TM): FireEye analysts will act as an extension of the organization's cyber security team, providing insight and intelligence from the front lines of incident responses, proactive hunting for Indicators of Compromise (IOCs) in their environment, and around-the-clock monitoring for indications that a cyber attack has bypassed technology defenses.

"ACE has been at the forefront of the cyber insurance market since the very beginning," said Michael Tanenbaum, Senior Vice President, ACE Professional Risk. "We understand that implementing a comprehensive information security program is essential for organizations, but can be daunting for even the most seasoned professionals. ACE introduced Loss Mitigation Services to streamline the execution of a comprehensive security process for our policyholders. The formation of this alliance is another step in providing policyholders the optimal tools to detect attacks and understand the risks these attacks pose to their most valued assets."


back to top