Over time, security budgets have diminishing returns. At some point, no increase in resources will reduce the risk of a negative consequence. That’s why cybersecurity insurance exists — to protect against the eventuality of a data breach. That’s also why some vendors have seized on the idea of guaranteeing the efficacy of their products through technology warranties.
To many, such warranties are a marketing ploy — a tactic meant to shift attention from a vendor’s competitors in a crowded marketplace. But to others, warranties are a sign that vendors are shifting their incentives — putting more than just their reputations on the line. This report will focus on the latter and attempt to elucidate the value of these warranties for both technology buyers (of a certain size) and sellers.
Key questions discussed in this report:
- What is a technology warranty?
- What is the value of such a warranty when backing a security product?
- What kind of FIs might find value in security technology warranties?
- How are these warranties being underwritten?
- And why are so few security vendors offering this type of added insurance?
Javelin conducted a series of interviews involving insurance executives, cybersecurity vendor executives, and other relevant stakeholders to gain an understanding of the topic. Interviewees represented a variety of organizations, including those that have written technology warranty policies.
Data in this report is based on information collected in a random-sample panel of 800 information technology security decision-makers, 200 of whom work in financial services. For questions answered by all 800 survey respondents, the maximum margin of sampling error is ±3.46 percentage points at the 95% confidence level. For questions answered by all 200 financial services respondents, the maximum margin of sampling error is ±6.93 percentage points at the 95% confidence level. The maximum margin of sampling error is higher for questions answered by segments of respondents.