GOLearn webinar on Enterprise Security Risk Management (ESRM) on Apr 16, 15:30 CET

Helvetia and GObugfree support SMEs in preventing cyberattacks

Zurich, April 12, 2023 - Helvetia Insurance sets new standards in supporting its business customers in the field of cybersecurity. In a pioneering step for the Swiss insurance sector, Helvetia collaborates with bug bounty provider GObugfree to help their (SME) corporate customers identify and close security gaps effectively.

GBF_Blog-Tobias-Seitz_Christina-Kistler.jpg
Christina Kistler, CCO at GObugfree & Tobias Seitz, Head of Underwriting Engineering Region East at Helvetia

Cyberattacks have rapidly become a significant business risk, inflicting billions of francs in damages each year. A typical Swiss SME can incur losses of over 100,000 CHF from a successful cyberattack, while more severe incidents involving data theft or encryption can reach millions of CHF. It is crucial for SMEs to proactively protect themselves against these persistent and evolving risks.

The cyber insurance gap: only one in ten SMEs protected

Robust IT security measures form the foundation of any cyber protection strategy. However, the ideal approach includes a balanced mix of IT security measures and insurance coverage against cyber threats. If, despite all precautions, criminals breach a company's IT defences, an appropriate insurance solution can mitigate the residual risk. Surprisingly, only one in ten Swiss SMEs currently hold cyber insurance.

SMEs often believe they are too small to attract cybercriminals’ attention, but this is a misconception . . . Proactive protection measures are vital for SMEs.
Tobias Seitz, Head of Underwriting Engineering Region East at Helvetia

Insurance industry raises the bar

To obtain cyber insurance, an SME must demonstrate a certain level of basic protection. Tobias Seitz, Head of Underwriting Engineering Region East at Helvetia, notes: "SMEs often believe they are too small to attract cybercriminals’ attention, but this is a misconception. Cyberattacks are often indiscriminate - criminals cast their nets wide and see what they catch. Proactive protection measures are therefore vital for SMEs."

To avoid disadvantaging policyholders who meet the necessary requirements, insurance providers may reject applications that fail to meet basic requirements.

SMEs have embraced the Community Bugtest. This fast and cost-effective method offers a pragmatic evaluation of the attack surface and potential vulnerabilities.
Christina Kistler, Chief Commercial Officer at GObugfree

Know the risks to fight them effectively

GObugfree supports SMEs by conducting a security assessment, known as a Community Bugtest, to evaluate their IT security measures. In this process, security researchers from the GObugfree community assess a company's current security posture. Christina Kistler, Chief Commercial Officer at GObugfree, comments: "SMEs have embraced the Community Bugtest. This fast and cost-effective method offers a pragmatic evaluation of the attack surface and potential vulnerabilities. Companies receive recommendations about where and how to enhance their cybersecurity." Often, the Community Bugtest serves as launchpad for a bug bounty program, where ethical hackers receive rewards for uncovering security gaps in organizations' systems. A bug bounty program provides ongoing protection as a company continuously addresses and improves its security gaps.

Our partnership with GObugfree is an important step to further strengthen Swiss companies and the market at large.
Tobias Seitz, Head of Underwriting Engineering Region East at Helvetia

Proactive measures over reactive payments

Even cyber insurance has its limitations. If a cyber incident results in financial losses, then the corresponding insurance coverage takes effect. In addition, Helvetia customers have access to a wide network of experts assisting them in managing the incident. But while the policy can cover financial losses resulting from cyber incidents, it cannot "conjure up" deleted data, and even with professional PR support, companies may still face short-term reputational damage following a cyber event. Thus, Helvetia emphasizes protection, striving to raise security awareness among its customers and provide them with access to cutting-edge, agile cybersecurity methods. This approach empowers businesses to fortify their defences. Tobias Seitz explains, "This strategy benefits not only our customers but also the entire market. The better Switzerland is prepared, the less appealing our country is for cyberattacks. Our partnership with GObugfree is an important step to further strengthen Swiss companies and the market at large."

Are you interested in a Community Bugtest?

Find out more here