Padlock, cyber

Cybersecurity startup SentinelOne has launched a new protection guarantee that pays up to $1m (£760.840) if SentinelOne’s software fails to detect a ransomware cyber-attack on a company’s system.

The software, which learns the user’s behaviour on devices such as mobiles and computers, will alert the user if it detects that the online behaviour is irregular.

That way, it can stop and block an attack straight away, SentinelOne co-founder and chief executive Jeremiah Grossman said.

The cyber threat protection does not cover damages associated with loss of intellectual property (IP) or business disruption.

But SentinelOne said it would pay out if its security software solution Endpoint Protection (EPP) or Critical Server Protection (CSPP) platform did no detect the unusual behaviour.

Ransomware is malicious software designed to take control of a computer system or its data and hold it hostage.

Typically, the attacker will demands payment from the victim before they will allow them to access their system again.

Ransomware is one of the biggest forms of cybercrime that is affecting businesses in the UK.

According to CFC Underwriting chief innovation officer Graeme Newman, it has been the managing general agency’s largest source of claims in the last 12 months.

Newman said: “We are inundated with cyber security vendors who claim they have the latest and greatest in cyber insurance.

“What separates SentinelOne is that it offers a good contract. If I write my insurance policy that’s in excess of their financial guarantee I have taken out a big chunk off my claims. For us it is impossible to take into account every possible cyber threat.”

Grossman added: “The security industry is undergoing a credibility crisis, with security vendors launching product after product without specific validation of their effectiveness.

“But we’re ahead of a major shift where security vendors will be required, not only by lawyers and insurers, to put their money where their mouth is.”

The cyber threat protection guarantee is only valid for Windows-based user endpoints and servers and does not cover Linux or Mac OS X endpoints and servers.