SpearTip’s Reati says Zurich-owned firm working to pair security services with insurance

By James Thaler

Feb 14 - Better secondary controls are needed to combat increasingly sophisticated threats like deepfake AI phone calls, according to executives from Zurich-owned security firm SpearTip.

SpearTip’s head Riccardo Reati and incident response head Richard Brackett made those comments in an interview with The Insurer TV at NetDiligence’s Cyber Risk Summit in Miami Beach this week.

Reati says SpearTip, which also offers incident response services, has the advantage of working with clients across the full life cycle of cybersecurity, from prevention and mitigation to real-time loss management.

“We have done this on the technical side, procedural side, and on the human side. So, in case a loss happens, we step in on the technical side, we coordinate all the work [and] provide forensics,” Reati explained.

Brackett said the insurance industry needs to continue to do more work with clients on preventing and managing potential cyber exposures, rather than having buyers just look to insurance for risk transfer.

“Customers want to transfer risk, they don't necessarily want to treat it very well. So, when I get involved with my team, it's usually after the worst has happened, right?” he said.

“So, we're trying to help them recover operations as quickly as they can, determine what their obligations might be as a result of the breach, and I see so often that just a little more preparation would have helped everybody,” he continued.

'SECONDARY CONROLS NEEDED TO COMBAT DEEPFAKES'

Brackett said threat actors are leveraging AI more, citing instances where threat actors might mimic the voice of a colleague or an acquaintance.

“So, you'll swear you're talking to the person that you know personally, but it's not them. The phishing messages that everybody gets - those are going up in quality, very dramatically. That's happening a lot,” he added.

“Their attacks are getting more efficient. They're doing more attacks per second than they were able to before, because they're using those expanded capabilities, like the good guys are,” he noted.

On the topic of AI, Brackett said it’s easier for threat actors to leverage the technology for “short-term” answers, while their potential targets need to be more cognizant of the long-term implications of becoming depending on AI.

“It takes more data on the defense side than it does on the attack side. I think those capabilities are just going to go up faster and faster. That tide is rising at a rate that is increasing. So, yeah, it's going to affect our business quite dramatically in the next year or two,” he noted.

'COWBELL RELATIONSHIP'

Cyber Risk Insurer broke the news in July that Zurich led a $60mn Series C investment in the insurtech Cowbell, with an eye towards generating synergies between the MGA and SpearTip, with an announcement earlier this month that SpearTip would offer MDR services to Cowbell insureds.

“We have an active relationship on incident response, so we are one of their incident response providers, and I am looking very positively about this relationship, particularly when it comes to thinking about the relationship between coverage and service,” Reati said.

The SpearTip head said that insureds who use the firm’s protection services could see a discount on their cost of insurance, incentivizing clients to invest in better controls.

“We are building that relationship. We're coming up with a proposition to the markets on these areas. So, very great relationship, very well-oiled, and we'll drive a lot of innovation in the marketplace,” he said of the tie-up with Cowbell.

“There are some advantages that come back into the coverage. There are several different ways that we are exploring, and we are launching something very soon [around] that,” he revealed.

SpearTip's focuses on middle-market clients with revenues between $30mn to $1bn or potentially larger, and is exploring ways to offer its services to even smaller clients.

In addition to serving Zurich clients SpearTip works with brokers and clients, independently of the insurance that Zurich offers.

Reati said he planned to use his time at the conference to better understand the evolving relationship between cyber insurance and mitigation and response services.

“I don't think anybody has figured it out completely, but we owe that answer to the final clients, to the businesses, to say, if you use services your total cost of risk will lower. And so, that's one area that I think I'm really focused on,” he said.

“It's about being able to get the client back to operational with the minimum damage as possible, as quickly as possible. So, that's my focus.

Brackett said that flashpoint cyber events in 2024 like the CrowdStrike outage and the breach of car dealership SaaS provider CDK has raised awareness around the critical issue of business continuity.

“[Those events] revealed that we place a lot of trust in these vendors, and sometimes they fall short, like everyone does. So, having a plan of how to operate when those events happen is very important,” he commented.

Reati noted that Zurich has a big portfolio of auto dealers and that his firm is looking for ways to help those insureds build up their cyber resilience.

“I think that's an area where we're actively focused on to understand what are some of the gaps, and what can we do to fill those gaps?”