Recently
the
HPE-exclusive silicon root of trust that protects the
firmware in every HPE server, and the
Aruba Policy Enforcement Firewall were designated by
Marsh for its Cyber Catalyst program.
The
definition of "security" is "freedom from danger," while the risk is
defined as
"exposure to the chance of injury or loss."
So, though in many instances, security and risk are used interchangeably, they
are, in fact, complementary. The mission of security is to reduce risk,
which brings up inevitable questions: How much security is enough? Will
this incremental investment reduce risk? What are the tradeoffs?
In
today's world of constantly morphing malware and weaponized cyber attacks, no
organization is totally secure and hence no organization is risk-free. In fact,
striking a balance between security and risk has never been more difficult.
But, help is on the way. Marsh, the world's
leading insurance broker and risk adviser, and eight leading cyber insurance
underwriters have joined together to help organizations invest in security
solutions that will reduce risk. Through a ground-breaking program called
Cyber Catalyst by
Marsh, organizations will receive greater clarity and confidence in
choosing cybersecurity solutions that can have a meaningful impact on cyber
risk. Cybersecurity products and services viewed as effective in reducing cyber
risk will be designated as "Cyber CatalystSM" and organizations that adopt
Cyber Catalyst-designated solutions may qualify for enhanced terms and
conditions on cyber insurance policies from participating insurers.
The
program evaluated over 150 security solutions against the following criteria
before naming 17 industry-leading security solutions as Cyber Catalyst designees:
- Verifiable and measurable reduction in cyber risk
- Successful implementations
- Applicability across a broad range of customers
- Differentiated features and characteristics
Beyond
the obvious insurance benefit, the program is important for several reasons.
First, it ties security and risk together so that business impact is introduced
into what are typically technical security decisions. Second, this is done by
insurance companies whose business it is to understand the monetary impact of
risk-how to identify it, manage it and mitigate it. Third, organizations
can now add cyber insurance to the "people, process and technology" triad that
dominates today's security discussion.
Marsh
just announced the first group of recipients of the Cyber Catalyst certification
today. The products went through a thorough multi-stage evaluation process and
represent a broad swath of security solutions. Organizations from small
offices to F500 enterprises can now tune their security technology decisions to
the risk they address.
We
at HPE have been fortunate that both of our submitted products - the HPE-exclusive silicon root of trust that protects the
firmware in every HPE server, and the Aruba Policy Enforcement Firewall have been designated
Cyber Catalyst solutions. Given the ubiquity of the Policy Enforcement Firewall
and its integration with ClearPass Policy Manager in protecting network connectivity
and IT access and the millions of HPE servers that feature silicon root of
trust, HPE customers and partners can now avail themselves to Cyber
Catalyst-designated solutions from the edge to the cloud.
With
the health of the business tied inextricably to the health of IT, the Cyber
Catalyst program will help business executives from the corner shop to the
corporate board room reach intelligent decisions about where they should make
their security investments across people, process, technology and now,
insurance.
Useful
links: Marsh
Cyber Catalyst program Aruba Policy Enforcement Firewall HPE Silicon Root of Trust HPE Cybersecurity Solutions Recognized for Ability to Reduce
Risk by Insurers in New Cyber Catalyst Program
##
About the Author
Larry Lunetta is vice president of security product
marketing at Aruba, a Hewlett Packard Enterprise company. Larry is also a guest
lecturer for entrepreneur studies at Arizona State University.