"With Bitsight SPM, we have a single, reliable source of truth regarding what our digital footprint is and how our cybersecurity posture stacks up against competitors."
Background
India-based Max Life Insurance, a joint venture between Axis Bank Limited and Max Financial Services Ltd., offers comprehensive protection and long-term savings life insurance solutions to drive life insurance ownership and financial protection. The company distributes life insurance through multiple channels, including agency and third-party distribution partners.
Underwriting life insurance requires Max Life and its partners to collect personal data, including sensitive identity, financial, and health information. It is imperative that Max Life maintains the security of this extensive data and manage any risk exposure.
To achieve greater visibility into its entire digital footprint and pioneer industry-leading practices in cybersecurity and risk management, three years ago, Max Life Insurance implemented Bitsight Security Performance Management (SPM) and Bitsight Third-Party Risk Management (TPRM).
The best cybersecurity posture in the insurance industry
As a result of TPRM and SPM, Max Life now has an independent and trustworthy perspective on ever-changing cyber risks.
Bitsight—which is used by half of the world’s cyber insurance providers and 20% of Fortune 500 companies—offers the most trusted security ratings in the industry. Similar to a credit score, Bitsight security ratings give a numerical value to a company’s cybersecurity performance. They are also accessible via an easy-to-use interface. In addition to security ratings, Bitsight SPM provides Max Life with a continuous assessment of security controls and the ability to track progress over time.
“With ever increasing customers and proliferating customer data in our system, there was a pressing need to enhance our cybersecurity posture, measure progress, and benchmark our performance against industry best practices,” said Abhishek Bansal, Max Life’s CISO and head of non-financial risk.
“Bitsight lets us quantify risk with greater confidence and measure our cybersecurity progress against an objective standard. With Bitsight SPM, we have a single, reliable source of truth regarding what our digital footprint is and how our cybersecurity posture stacks up against competitors. We have achieved a Bitsight score of 810—one of the best in the financial services industry.”
"Bitsight TPRM accelerates third-party risk assessments and verifies the true nature of vendors’ security postures. By minimizing vendor risk, Max Life minimizes its own."
Improving vendor governance and relationships
In addition to implementing best-in-class cybersecurity, Max Life also needed to identify and manage the risks associated with third-party vendors' networks. With Bitsight TPRM, Max Life was able to get immediate transparency across its entire vendor portfolio.
To make the most of Bitsight TPRM, Max Life created the ABCD Framework for vendors. This framework combines five assessments and gives vendors letter rankings based on their security postures. If a vendor is critical, they cannot fall below category A or B.
“Bitsight TPRM accelerates third-party risk assessments and verifies the true nature of vendors’ security postures,” said Bansal. “By minimizing vendor risk, Max Life minimizes its own.”