Backed by Global AA-Rated Insurers, HITRUST-Certified Organizations Gain Access to New Cyber Insurance Offerings with Enhanced Coverage and Lower Rates
FRISCO, Texas, Dec. 12, 2024 /PRNewswire/ — HITRUST, the leader in information security assurances for risk and compliance management, today unveiled an innovative cyber insurance consortium in collaboration with Lloyd’s of London and backed by a network of globally recognized AA-rated insurers. This first-of-its-kind shared risk facility revolutionizes the cyber insurance landscape, delivering exclusive, market-leading coverage and rates to HITRUST-certified organizations worldwide. By aligning relevant and reliable cybersecurity practices with tailored insurance solutions, the consortium sets a new standard for incentivizing and protecting trusted organizations.
As cyber threats continue to escalate, organizations face increasing pressure to effectively measure and mitigate information risk. HITRUST’s proven methodology stands out as the industry-leading solution to manage information risk and to measure residual risk. By incorporating relevant risk management practices and security controls with a comprehensive and reliable assurance process, HITRUST-certified organizations achieve a significantly lower likelihood of breaches with the gold standard for resilience in an increasingly volatile threat landscape and endorsement by leading cyber insurers.
According to the recently published 2024 Trust Report, less than 1% of HITRUST-certifications experienced a breach over the past two years. This remarkable statistic underscores the effectiveness of the HITRUST assurance program in delivering measurable risk mitigation outcomes.
“The creation of this consortium validates the effectiveness of the HITRUST methodology in reducing cyber risk and enabling consistency and transparency measuring residual risk,” said Blake Sutherland, Executive Vice President of Sales and Business Development at HITRUST. “By recognizing the rigorous and measurable security practices of organizations with HITRUST-certifications, this facility enables insurers to confidently offer enhanced coverage options with more competitive rates, creating a win-win scenario for both businesses and insurers.”
The newly formed consortium with Lloyd’s of London unites additional capital from a global network of Moody’s recognized AA-rated insurers to establish an innovative shared risk facility. This novel initiative leverages the proven link between HITRUST certification and superior and measurable risk management, enabling insurers to confidently deliver enhanced and more consistent insurance products. The facility is designed to scale as additional insurers join, ensuring greater capacity to meet the evolving demands of HITRUST-certified organizations across the globe.
Key benefits for HITRUST-certified organizations include:
- Lower Insurance Costs: Exclusive, market-leading rates with more favorable terms and significant savings that reflect an organization’s commitment to strong cybersecurity practices, including a starting credit of 25% on premiums.
- Simplified Insurance Process: Redundant questionnaires and lengthy application cycles are replaced with streamlined underwriting based on data from the HITRUST certification; some policies being underwritten in just one week.
- Comprehensive Coverage: Policies are built on a single-page exclusion model, offering clarity and adaptability while supporting a wide range of organizational needs.
- Scalable Protection: Access to increasing capacity as the consortium grows, ensuring coverage is adaptable to an organization’s needs as they change and grow over time.
- Recognition for Security Investments: Demonstrate to partners, clients, and regulators that your organization meets the highest standards of cybersecurity, validated by the industry’s most trusted risk management framework.
“This massive initiative underscores Lloyd’s of London’s commitment to fostering innovation and staying on the cutting edge of a new cyber insurance frontier,” said Robert Booker, Chief Strategy Officer, HITRUST. “The consortium—built on HITRUST’s unique ability to help organizations measure and manage residual risk while allowing third parties to trust and rely on those results—sets a new standard for how the insurance industry will align policies with cyber risks moving forward.”
To enable this consortium, HITRUST has developed a secure API that allows insurers to access detailed information about an organization’s HITRUST r2 certification through the company’s Results Distribution System (RDS). This technology ensures that insurers receive structured, consistent assessment data, facilitating a more accurate and efficient underwriting process.
“By integrating HITRUST certification into our underwriting process, we’re able to offer tailored cyber insurance solutions that not only recognize but also reward organizations for their commitment to stringent security standards,” said Josh Ladeau, CEO of Trium Cyber, the underwriting lead for the initiative. “This collaboration marks a pivotal step in aligning cybersecurity excellence with comprehensive insurance coverage, providing certified organizations with the confidence and protection they deserve in today’s volatile digital landscape.”
Understanding the Shared Risk Facility
A shared risk facility is a collaborative arrangement where multiple insurers come together to share the underwriting risk associated with policies. For HITRUST-certified organizations, this means access to better insurance options, as the insurers collectively recognize the reduced risk these organizations present. This collaboration fosters a more stable and competitive insurance market.
Availability and Next Steps
The enhanced cyber insurance offerings are available to HITRUST-certified organizations effective immediately through their existing brokers. Currently available for HITRUST r2 certifications, plans are underway to extend this capability to include the i1 and e1 assurance programs in 2025. Additionally, there is potential to expand the scope to encompass HITRUST’s newly released AI Security Certification offering.
Organizations interested in benefiting from improved coverage and rates are encouraged to pursue HITRUST certification to take advantage of these new options.
For more information about how to get started with HITRUST certification, please visit hitrustalliance.net/cyber-insurance or contact us.
About HITRUST
HITRUST, the leader in cybersecurity assurance used in risk management and compliance, offers certification programs for the application and validation of security, privacy, and AI controls. Informed by over 50 standards and frameworks, the company’s threat-adaptive approach delivers the most relevant and reliable solutions, including multiple selectable and traversable assessments and certifications, an ecosystem of over 100 independent assessment firms, centralized quality reviews, reporting and certification, and a powerful SaaS platform enabling its program and process. For over 17 years, HITRUST has led the assurance industry and today is widely recognized as the most trusted solution to establish, maintain, and demonstrate security capabilities for risk management and compliance.
About Lloyd’s of London
Lloyd’s of London is the world’s leading insurance and reinsurance marketplace, bringing together a unique concentration of specialist expertise and talent. With a rich history spanning over 330 years, Lloyd’s operates in more than 200 countries and territories worldwide, providing a range of insurance products and services to businesses and organizations of all sizes.
For media inquiries, please contact:
Leslie Kesselring
Kesselring Communications for HITRUST
leslie@kesscomm.com
503-358-1012
SOURCE HITRUST Services Corp.