Former Homeland Security chief launches ‘intelligent’ insurance against cyber-attacks
Mon 6 Oct 2014
Former United States Secretary of Homeland Security Tom Ridge launched a new insurance company in London today specialising in protecting larger mid-sized firms from cyber-attacks. The coverage is aimed at C-suite executives, and promises to leverage ‘real intelligence that is sector and company specific’, eschewing ‘templated’ assessment approaches and offering policies of up to $50mn.
According to the official announcement, the services are aimed at the board of directors of retail, financial services, healthcare and energy companies. Though no details have been given about the system of intelligence gathering that Ridge Insurance Solutions Company will offer, it seems reasonable to assume that its remit is currently dedicated to these four sectors.
Ridge was the first U.S. Secretary of Homeland Security under the George W. Bush administration, and says in the release: “This is not just about insurance but helping and incentivizing companies to manage their cyber operations more effectively.”
The solutions are aimed at businesses with market capitalisation below $500mn, said by the announcement to represent 80% of U.S. publicly quoted companies.
Governor Ridge said: “Working together with the Lloyd’s syndicates, we have developed a cyber insurance product uniquely designed to help that class of business – to better protect unsuspecting customers from hackers and help ensure that these job creators have an opportunity to flourish and grow.”
Ridge already runs Ridge Schmidt Cyber LLC, a cyber-security consultancy in partnership with Howard Schmidt, who was Cyber-Security Coordinator of the Obama Administration between 2009-2012.
Ridge Insurance Solutions Company is based in Washington D.C., with offices in Georgia and NYC.
In a recent interview [PDF], Ridge observed: “You have to be proactive in both how you organize and how you manage cyber risk. Most executives weren’t taught this kind of risk management in business school. Yes, cybersecurity is about IT’s ones and zeros, but it’s also your bottom-line ones and zeros. Your business is on your networks and systems, so cyber- security must be treated as the business imperative that it is.”