AT&T, Lockton Affinity and CNA Team Up to Arm Small and Midsize Businesses with Cybersecurity Insurance
Strategic alliance introduces affordable cybersecurity technologies, services and insurance protections to small and midsize businesses
AT&T* and its new wholly-owned subsidiary, AT&T Insurance Agency, LLC, have joined forces with insurance industry leaders Lockton Affinity and CNA to make available broad cyber insurance policies. Customers of AT&T Managed Cybersecurity Solutions will have access to policies, underwritten by CNA, with Lockton Affinity serving as the insurance broker.
In recent years, small and mid-sized organizations have begun adopting cyber threat prevention and detection solutions. But with cyber threats growing in volume and sophistication, these companies are increasingly targets of ransomware, phishing and botnet attacks, and malware campaigns, yet lack access to affordable response and recovery solutions.
This strategic alliance¹ gives AT&T Business customers access to a full range of cyber risk management solutions to help them holistically measure, mitigate, monitor and transfer cyber risk, including options for broad cyber insurance through CNA.
Recovering from cyberattack disruptions in business continuity and reputational damage has been a challenge for businesses of all sizes, with small and mid-sized businesses lacking necessary resources needed to recover. Recent studies have indicated that as few as 3% of small businesses have cybersecurity insurance.
“Even the largest enterprises struggle with how to resource multi-layered cybersecurity needs, “said Danessa Lambdin, vice president of Cybersecurity Solutions for AT&T Business. “Without a dedicated team, financial resources, or both, small and mid-sized businesses are prioritizing threat prevention and detection activities at the expense of response and recovery.
“AT&T Managed Cybersecurity Solutions provide superior cyber protection, which is recognized by insurance industry leaders. By offering our customers a combination of cybersecurity technologies and access to broad cyber insurance through CNA, we’re providing them with more options to help protect themselves and recover from cyber-attacks.”
“One-size-fits-all simply doesn’t work across all business sizes and types, and this is especially true with cyber insurance solutions. By offering this policy with small and mid-sized business needs in mind, CNA is able to provide the coverage they need at a price that recognizes the managed cybersecurity controls they have proactively implemented,” says Brian Robb, director and industry leader, Cyber, CNA.
Brokered through Lockton Affinity and underwritten by CNA for AT&T Cybersecurity Solutions customers, this policy, called CNA Epack Extra, may cover from $250,000 up to $10 million of qualifying expenses, such as certain costs associated with Business Interruption and Extra Expense, Network Security Liability, Privacy Injury Liability, Data Restoration, Network Extortion Expense, Privacy Regulatory Civil Fines, Sanctions or Penalties, and Privacy Event Expenses. ²
When small- to mid-sized businesses purchase threat detection and response tools from AT&T, they will be eligible to apply for this coverage through Lockton Affinity. The resulting CNA insurance policy is designed for small and mid-sized businesses across the key cybersecurity disciplines: prevention, detection, response and recovery.
“With the number of small and mid-size businesses in the U.S. numbering in the tens of millions, the gap in broad solutions needed for them to address cybersecurity recovery was unexpectedly significant,” says Patrick O’Farrell, President of Lockton Affinity. “This cybersecurity policy could be the difference between businesses closing the door for good, and continued success.”
In addition to CNA Epack Extra that is now available to AT&T customers through Lockton Affinity and CNA, AT&T Cybersecurity Solutions provides over 20 managed security services to AT&T customers, including AT&T Cloud Web Security Service, AT&T Secure Email Gateway and AT&T Distributed Denial of Service Defense.