I was looking at the Reuters news feed this morning and I saw 3 different stories related to Apple and Cisco with regards to cybersecurity insurance. The headlines (go to EA Media’s home page to see the stories themselves) were:
- “Apple, Cisco talk about cyber-security insurance discounts”
- “Apple, Cisco to partner no discount for enterprise cybersecurity”
- “The Cisco-Apple Partnership to introduce the most Advanced Privacy Controls for iOS Enterprise Devices this fall”
So obviously, something was going on between Apple and Cisco. So I decided to read on.
What it turns out has happened is that Apple and Cisco are talking about how much more secure their devices are than other solutions in the marketplace. As a result, they feel that any of their customers using Cisco AND Apple devices in their Enterprises should get discounts on cybersecurity insurance.
This is a rather interesting premise because it goes to what I have been saying about how to talk about security. The vast majority of security professionals talk about the “What If” and how they take an insurance approach to selling security inside their organization. What Apple and Cisco have done is they’ve identified that exact talking point and focused on what BUSINESSES talk about, which is ROI. By using their solutions make Enterprises more secure, they are promoting an actual ROI ! Be more secure AND save money.
Now THAT is what a business executive is going to listen to!
The two company CEOs were talking at a Cisco event in Las Vegas and they were saying that they were collaborating with “insurance heavyweights” to arrange for an insurance offering for their customers. Cisco went further and said it was going to create systems that provide “continuous security monitoring” and that, if implemented properly, it would allow for discounts in cybersecurity insurance premiums.
Two things from that last statement. First, it sure sounds like Cisco is going to get into the SIEM game in some way, shape, or form. And by coupling a SIEM with insurance premium discounts is a really nice way of lowering the cost of implementing a SIEM. SIEMs are probably the most expensive security solution to put in, not just because of the cost of the technology but also because of the changes that you will have to make in all your systems in order for the logs to get into the SIEM.
Apple has been trying to get into the Enterprise market for a very long time, probably since it’s inception. But their battle with Microsoft has been lost because Microsoft goes into more areas relevant to the Enterprise. Sure, Apple provides End User devices but the work horses of the Enterprise have been and always be the Server market. I’m just wondering if that’s changing as companies move more and more to the cloud.
I would suggest that there is a slight mismatch in terms of companies here unless one very important thing starts to happen. Apple needs to start focusing on cost savings and that message has to get through to Executives to allow for enough saving to talk about replacing workstations. Sure, Apple has End User devices that are much more User Friendly and more secure than Microsoft solutions. But is the cost savings there?
Think of it this way – When you buy an Apple device, you buy a platform that is already built. The operating system is much more secure than the Microsoft OS and there isn’t any need for Anti-Virus. There are cloud offerings that work seamlessly with the Apple devices (iCloud) and have been around much longer. So, if they were to shift their message to cost savings, they may be able to make the Enterprise switch.
But I don’t see that happening. Microsoft has been embedded in the Enterprise for decades now and there is quite a bit of inertia that needs to be overcome. Focusing on the cost savings is huge and is a shift that the CyberSecurity market needs to take as a whole.
And insurance premium savings seems like a good way to include savings.
Hope this helps …