| 23 Nov 2017 | ( words)

Cyberinsurance part 2 - Organization mapping

If you haven't read part 1 of our cyberinsurance series, consider taking a pause and doing that now. The context of where organization mapping fits is important.

What is organization mapping

As described on part 1, "Organization mapping is an internal service we created where, just based on a name, we are able to find assets associated with that company such as IP addresses, domains, customers and emails."

This is a fully automated process that we had to create as, when a cyberinsurer gets a request from a company, they don't really know which assets belong to that company (many times even companies themselves aren't aware as asset management sometimes is not a priority).

When we thought about this initially, we really wanted to make it as a "Google for company assets" which meant that as an initial seed, we only take a company name.

How can insurers use it?

Organization mapping is part of customer onboarding on our cyberinsurance pipeline.

The following is an example of what an insurer can do to get access to data quickly about a company that requested cyberinsurance from them:

In the image above, we can see which companies have the word we searched for on their names, which have been mapped and which haven't and request for one to be mapped in case it isn't already.

After you pick a company, you will be taken to a screen where you can see all assets we've found about that company.

When we came to building this part, we started to look into other issues. A company is like a tree - it has the main company but also often has mergers and acquisitions or alternative names, so we made sure all those associations are in there and that you're able to quickly explore them.

On the image above, an insurer is able to quickly ask for a report on this company (samples of report on images below), which will tell them about security misconfigurations, security issues we've found and a score using our open-source formula.

This data is based on our historical data that we've found in the last 60 days. But of course if an insurer wants updated data, they can just press the "Run Scan" button and get an updated report with fresh data.

The future

This is only part of the pipeline of our Cyberinsurance platform that we describe on part 1.

Cyberinsurance needs to be a collaboration between clients, vendors and insurers.

This platform we're building is where these interactions happen.

Video Demo

BinaryEdge will be partnering with insurance companies on this project. If you would like to have more information feel free to contact us using [email protected] .