Ironshore subsidiary to offer risk management services for cyber policyholders


IronPro, the professional liability unit of Bermuda-based Ironshore, is introducing a suite of enhanced risk management services for cyber policyholders. 

IronPro will provide eligible Ironshore highly protected information (HPI) policyholders with cyber monitoring and alert services (CMAS) during the policy period.

The firm has engaged BorderHawk, an Atlanta-based security firm, to offer CMAS services that analyse cyber activity to detect questionable client events. 

CMAS generates and transmits a cyber risk warning alert to a predetermined point of contact for immediate action in the event of a potential risk. 

Cyber risk warning alerts signal potential vulnerabilities or threats associated with a specific IP address, thereby indicating heightened risk exposure to the client entity. 

IronPro’s product enhancement will also feature a cyber security assessment and technical services review to be conducted by US Homeland Security, at no additional cost.  Homeland Security’s C3 Voluntary Program and National Cybersecurity Assessment and Technical Services (NCATS) provide an objective third party perspective on the current cyber security exposure within the policyholder’s network. 

Ironshore HPI policyholders can then access an on-call third party chief security officer who can address and help remediate identified vulnerabilities.

“We recognise that while ‘alerting’ systems can be a critical component of cyber security programmes, most organisations depend on ‘accidental discovery’ to initiate investigations of malicious cyber threats,” said c president of BorderHawk. 

“IronPro clients will be notified when questionable activity occurs, providing a more responsive investigation when primary security tools do not recognise a potential threat.”

Akridge also said that CMAS addresses recent reports that some malware solutions “demonstrate an estimated recognition effectiveness of only 60 percent and malware dwell times of nearly twenty-four months before discovery is the norm in detecting potential threats.”

Kurtis Suhs, IronPro privacy national practice leader and vice president of technology errors and omissions, added: “IronPro’s enhanced risk management offering complements our existing specific asset-class PrivaProtector policy form to address risk exposures for critical infrastructure insureds within the healthcare, financial services, manufacturing and commercial facilities sectors.”

“A more aggressive approach to cyber security protection is designed to minimize the loss associated with data breach events.” 

IronPro, Ironshore, Steve Akridge, Kurtis Suhs, BorderHawk, Risk Management, Bermuda

Bermuda Re