Lloyd's of London launches cyber insurance consortium with HITRUST certification
Image by starlings image / copyright Shutterstock
This first-of-its-kind shared risk facility revolutionises the cyber insurance landscape, delivering exclusive, market-leading coverage and rates to HITRUST-certified organisations worldwide. By aligning relevant and reliable cybersecurity practices with tailored insurance solutions, the consortium sets a new standard for incentivising and protecting trusted organisations.
As cyber threats continue to escalate, organisations face increasing pressure to effectively measure and mitigate information risk. HITRUST's proven methodology provides an industry solution to manage information risk and to measure residual risk. By incorporating relevant risk management practices and security controls with a comprehensive and reliable assurance process, HITRUST-certified organisations achieve a significantly lower likelihood of breaches with the gold standard for resilience in an increasingly volatile threat landscape and endorsement by leading cyber insurers.
According to the recently published 2024 Trust Report, less than 1% of HITRUST-certifications experienced a breach over the past two years. This statistic underscores the effectiveness of the HITRUST assurance programme in delivering measurable risk mitigation outcomes.
"The creation of this consortium validates the effectiveness of the HITRUST methodology in reducing cyber risk and enabling consistency and transparency measuring residual risk," said Blake Sutherland, Executive Vice President of Sales and Business Development at HITRUST. "By recognising the rigorous and measurable security practices of organizations with HITRUST-certifications, this facility enables insurers to confidently offer enhanced coverage options with more competitive rates, creating a win-win scenario for both businesses and insurers."
The newly formed consortium with Lloyd's of London unites additional capital from a global network of Moody's recognised AA-rated insurers to establish an innovative shared risk facility.
This novel initiative leverages the proven link between HITRUST certification and superior and measurable risk management, enabling insurers to confidently deliver enhanced and more consistent insurance products. The facility is designed to scale as additional insurers join, ensuring greater capacity to meet the evolving demands of HITRUST-certified organisations across the globe.
"This massive initiative underscores Lloyd's of London's commitment to fostering innovation and staying on the cutting edge of a new cyber insurance frontier," said Robert Booker, Chief Strategy Officer, HITRUST. "The consortium - built on HITRUST's unique ability to help organisations measure and manage residual risk while allowing third parties to trust and rely on those results - sets a new standard for how the insurance industry will align policies with cyber risks moving forward."
To enable this consortium, HITRUST has developed a secure API that allows insurers to access detailed information about an organisation's HITRUST r2 certification through the company's Results Distribution System (RDS). This technology ensures that insurers receive structured, consistent assessment data, facilitating a more accurate and efficient underwriting process.
"By integrating HITRUST certification into our underwriting process, we're able to offer tailored cyber insurance solutions that not only recognize but also reward organisations for their commitment to stringent security standards," said Josh Ladeau, CEO of Trium Cyber, the underwriting lead for the initiative. "This collaboration marks a pivotal step in aligning cybersecurity excellence with comprehensive insurance coverage, providing certified organisations with the confidence and protection they deserve in today's volatile digital landscape."
Understanding the Shared Risk Facility
A shared risk facility is a collaborative arrangement where multiple insurers come together to share the underwriting risk associated with policies. For HITRUST-certified organisations, this means access to better insurance options, as the insurers collectively recognise the reduced risk these organisations present. This collaboration fosters a more stable and competitive insurance market.
