A first-of-its-kind online insurance program has just been established between Google Cloud and international insurers Allianz and Munich Re, enabling better cyber risk management and eventually cost efficiencies for enterprise cloud users

Source: AFP

Google teams with Allianz, Munich Re to manage cloud cyber risk

  • A first-of-its-kind online insurance program has just been established between Google Cloud and international insurers Allianz and Munich Re, enabling better cyber risk management and eventually cost efficiencies for enterprise cloud users

Insurers have had to tiptoe around covering enterprises for cyber risk protection for years now, but a new tie-up between Google Cloud, Allianz, and Munich Re is providing companies with an avenue to make cyber insurance more mainstream and embed it into cloud services.

Initially to be targeted at US-based companies with annual revenues of between US$500 million and US$5 billion, the two insurance companies headquartered out of Munich, Germany will cover up to US$50 million in potential online losses for Google Cloud customers.

“We didn’t want to overreach coming out of the box. But the plan is obviously to expand this offering both up and down the revenue scale very shortly,” said Bob Parisi, the head of cyber solutions in North America for Munich Re, in response to the online insurance policy being made available to firms outside of the US.

The new initiative dubbed the Risk Protection Program will look to reduce cloud security risks and offer an enhanced, yet still-evolving cyber insurance scheme targeted at Google Cloud users. Phil Venables, the vice president and CISO of Google Cloud, claimed in his blog post announcing the Program that the stated aims of the partnership were “to reduce risk, potentially reduce costs, and build further trust in our platform” among its enterprise clientele.

Gartner Research says that by 2024, nearly half (45%) of all IT spending will shift from traditional on-premise solutions to the cloud. As the use of cloud services ramps up, expanding to sensitive workloads and new data types, cloudified companies will need more assurances than ever that their use of new cloud services is integrated tightly into their overall risk management plan.

The essential components of Google’s Risk Protection Program at the outset will feature Cloud Protection +, a specialized cyber insurance policy exclusively for Google Cloud. To provide the necessary data to empower informed decision-making, there is also Risk Manager, a reporting and diagnostic tool that makes a security posture report available to Google Cloud customers by request, in order to manage and measure risks on the platform.

The Risk Manager tool provides underwriters with insight-driven information they can tap into that goes beyond the usual data that is gathered from their stock questionnaires. Customers can uncover their own cyber risk status after running Risk Manager, and only then send out to Allianz Global Corporate and Specialty (AGCS) and Munich Re to obtain a quote for online insurance, provided the customers are eligible for Cloud Protection +.

The belief is that this pilot initiative would greatly simplify the cyber insurance procurement process, with the integration with Google Cloud. Not only will it futureproof insurtech for the cloud, given that there’s where most workloads are moving towards, but it will also streamline the underwriting process by providing the relevant data in real-time.

“Risk Manager gives us an inside-out look at a company,” said Parisi. “We’re driving underwriting toward a more data-driven approach.” The additional trust efficiencies will also benefit Google Cloud, who can now target more stringent regulated industries such as financial services and healthcare for their cloud offerings, with the promise that Allianz and Munich Re will equally split the cyber risk coverage, for eligible customers.

The wonder of this solution is that it should in theory be applicable to other technology partners and service providers, offering protection against cyber risk to a wider berth of potential clients. These clients in turn would be capable of supplying their services to more compliance-heavy industries, adding more security value to the cloud ecosystem.