SASE and cyber insurance: an effective combination for protection against cyberattacks

With the upcoming entry into force of the NIS2 directive, combining a SASE approach with cyber insurance can be an effective solution for your cybersecurity and cyber resilience.

Cyber risks - Thomas Joos - December 26, 2023

SASE, by definition, refers to a network architecture that combines advanced security functionality with WAN (Wide Area Network) capabilities. The solution integrates various security services, including Secure Web Gateways, Cloud Access Security Brokers, Firewall-as-a-Service and Zero Trust Network Access, directly into the WAN to route Internet and cloud computing traffic securely and efficiently.

Since the traffic is secured at the source, a SASE approach improves companies’ security, wherever the user is located. The SASE framework also reduces complexity by grouping multiple security products within a single cloud platform. This reduces operating costs while improving network performance, especially for multi-site companies that increasingly rely on cloud computing services.

Phishing remains a weak link despite effective protection

Even with this kind of secure infrastructure, a successful cyberattack can happen at any time and wreak havoc in the network. This is often due to a phishing attack, one in which an attacker tricks internal users into giving them access to the network. As demonstrated in Check Point’s 2023 cybersecurity report, email is responsible for 83% of cyberattacks.

A SASE approach can provide some protection here as well, but hackers target users directly to steal their access credentials. If they are successful, the organization will likely be the victim of cyberespionage or a ransomware attack.

According to a 2022 study by the Cyber Rescue Alliance, nearly all companies in the world have been targeted by a phishing attack at least once. In 12% of successful attacks, the attacker managed to gain full access to all the company’s data for more than a year before the ransomware encrypted the data.

Cyber-health insurance for companies

Cyber insurance intervenes when a company has suffered a cyberattack. It covers all the expenses related to fighting the cyberattack and helps to repair the damage. According to a report by insurance company Hiscox, several companies around the world have gone bankrupt after a cyberattack. However, cyber insurers require a certain level of network protection before they agree to bear the costs. This is precisely the situation in which the SASE approach shows its strengths, which also apply to the NIS2 directive.

In most cases, implementing SASE is a sustainable way to meet insurers’ requirements. It significantly reduces the likelihood of a cyberattack’s success while ensuring that the insurer will take over and cover the damages in the case of an attack.

In such a scenario, SASE keeps watch over technical protection while cyber insurance protects the company’s finances. Even if the company implements an optimal security architecture, employees remain a weak link that cybercriminals can target to obtain usernames and passwords, for example. Generally, hackers don’t actually have to hack into anything. They simply log in with the stolen credentials, do their damage, and encrypt and steal data. Cyber insurance cannot stop such an attack, but it will protect the organization against its consequences.

What costs are covered by cyber insurance?

Cyber insurance covers the direct damage caused by the cyberattack up to a limit of coverage defined in the contract. This generally includes the cost of restoring the IT infrastructure and the lost data. It also covers the costs of expert appraisal and preservation of evidence. Expert appraisal often requires taking the IT infrastructure out of service, at least temporarily. Here as well, the costs are covered by cyber insurance.

It will also cover the economic consequences of the attack, including indemnifying third parties and all the expenses needed to contain the damage. The cost of a call center to inform customers and suppliers of the situation can also be an eligible expense.

Cyber insurance will cover legal advisers’ fees to assess the legal consequences of the attack in terms of data protection and compensation for third parties as well as the company’s legal obligation to provide information. The costs are considerable and difficult to estimate ahead of time. Implementing a certain level of IT protection within the company is a prerequisite to concluding any cyber insurance contract. SASE infrastructure fulfills this requirement and then some.

How does a SASE approach protect against cyberattacks?

The provider’s SASE model generally implements state-of-the-art technologies to make the most of the IT security infrastructure and maximize protection against cybercrime. Essential components include protection against phishing and the complete protection of cloud service credentials.

It also incorporates patch management, effective firewalls, and a zero-trust approach to identifying users working remotely or using mobile devices. In the SASE model, the NAC (Network Access Control) determines which users can access the company’s data and under what conditions.

This is an essential aspect that helps to protect against phishing. Network segmentation and other complex security technologies come into play without any extra charge for the company since the SASE provider takes care of them. This results in a high level of technical expertise that provides maximum security. With cyber insurance by their side, companies have exactly the protection they need to face tomorrow’s cyberattacks.
