Yes, Bitdefender offers a cybersecurity breach warranty as part of our Bitdefender MDR and Bitdefender MDR PLUS services that covers customers with up to $1,000,000 in breach response expenses if there is a security incident within the environment protected by Bitdefender MDR or Bitdefender MDR PLUS.
Bitdefender MDR is a managed security service that provides 24x7 defense against cyber threats delivered through our global Security Operations Centers (SOCs). The service includes the underlying security platform (GravityZone Business Security Enterprise (BSE)) and the continuous monitoring and response to threats
Bitdefender MDR PLUS gives all the protections of MDR and adds the most comprehensive dark web detection and response available performed by a designated, specialized Cyber Intelligence Fusion Cell (CIFC) unit, additional comprehensive threat intelligence reporting, a dedicated Security Account Manager (SAM), and Professional Services onboarding.
The cybersecurity breach warranty coverage is currently available for all customers of Bitdefender MDR and Bitdefender MDR PLUS. Existing customers have been enrolled and will be fully signed on to the warranty once they accept the additional terms and conditions in the portal. All new MDR or MDR PLUS customers will be opted in to the warranty coverage when they sign the MDR subscription contract and must accept an additional series of terms and conditions. Customers may choose to opt out of the warranty coverage if desired.
No, customers on previous tiers of the MDR service do not receive cybersecurity breach warranty coverage. Customers will be transitioned to either MDR or MDR PLUS upon contract renewal and will then receive the cybersecurity breach warranty coverage.
While similar in that they both involve coverage of cyber incidents with forms of monetary compensation, cyber insurance and breach warranties are different things and should not be conflated as being the same. In addition, having a breach warranty should not be considered a replacement for having cyber insurance. It is recommended that organizations still seek out cyber insurance whether they have a breach warranty attached to their service or product. Here are some of the main differences.
Cyber Insurance
· Offers broader coverage for the organization and is designed to cover a wide range of cyber risks. It is independent of any specific technology or product. Organizations purchase cyber insurance as a standalone policy, and the policy applies regardless of what technologies they use.
· It covers both first party (direct impact on the insured) and third-party (liabilities toward others) damages.
· Terms are usually customizable/negotiable based on the organization's risk profile.
· Organizations can often choose the coverage limit and tailor the policy to include specific types of protection.
· Cyber Insurance has an associated cost (insurance premiums) that can be variable depending on the organization’s risk. Working with the insurance provider, organizations can lower the premiums by meeting certain criteria (such as providing proof of security tools and coverage or other security services).
Breach Warranty
· Provides specific coverage directly related to the service being provided. Will not cover things that are out of scope or not being covered by the service.
· Coverage is first party only and will not cover if third parties are affected.
· The terms are often not customizable and are set by the warranty underwriter. Organizations must agree to those terms without the ability to modify or change them.
· Breach warranties often have smaller limits compared to cyber insurance policies and these limits are not negotiable.
· Breach warranties are often less costly or are provided as a free add-on as part of the service subscription.
The cybersecurity breach warranty is included at no additional cost with the purchase of Bitdefender MDR or MDR PLUS subscription. This warranty is a purely value-add benefit for the customer.
The tiers are tied to the MDR package and there are different coverages based on the package.
- Ransomware Events - $100,000
- Ransomware and BEC Event - $200,000
- Compliance Event - $200,000
- Cyber Legal Liability Event - $500,000 (2)
- Business Income Event - $100,000 (3)
Breach notification costs, compliance and regulatory penalties, and business income loss in relation to the security incident covered.
The customer must subscribe to Bitdefender MDR or MDR PLUS and agree to the additional warranty terms and conditions.
The cybersecurity breach warranty is tied to your MDR or MDR PLUS subscription and will last the duration of the contract period.
Yes. Since the cybersecurity breach warranty is built into the licensing for MDR and MDR PLUS, any partners and resellers who sell MDR and MDR PLUS will also include the cybersecurity breach warranty. The warranty, however, is not available for MDR foundations for MSP. That means MSP and RMM (Partners) who sell MDR Foundations for MSP are not eligible for the warranty.
Bitdefender has partnered with Cysurance to offer this cybersecurity breach warranty. Cysurance is a next-generation risk mitigation company that certifies, warranties, and insures cybersecurity solutions for enterprise end-users. Customers of Bitdefender MDR or MDR PLUS service will be automatically onboarded into Cysurance’s system to activate the warranty.
Cysurance as the underwriter of the warranty, also offers cyber insurance policies. They offer possible premium discounts for customers who have obtained their breach warranty through valid providers like Bitdefender. Please see their site for more details.
No. The cybersecurity breach warranty agreement and terms and conditions are pre-defined by Cysurance. Customers can opt out of the warranty if they do not agree to the terms and conditions. Terms and Conditions can be found here.
Yes, pre-requisites are pre-defined by Cysurance and information on them can be found in your MDR Portal.
No. This cybersecurity breach warranty is only offered as part of the subscription to Bitdefender MDR or MDR PLUS as a no-cost benefit to customers.
Any new Bitdefender MDR or MDR PLUS customer is eligible for the cybersecurity breach warranty; however, pre-existing security incidents are not covered.
All customers of Bitdefender MDR or MDR PLUS are automatically qualified and enrolled in the cybersecurity breach warranty once they agree to the additional terms and conditions. Customers are encouraged to review the terms and conditions to ensure they are staying on top of the requirements for qualifying for a warranty claim. See warranty claim requirement question above for additional details.
Breach Warranty for MDR only covers Ransomware based events. Breach Warranty for MDR PLUS covers any security incident, see table above under question “What are the warranty coverage tiers and how is the amount of the warranty determined?”
The cybersecurity breach warranty is valid in all regions in which we operate. Please note that there is special language in the Terms and Conditions in the following countries: Malaysia, Singapore, and Japan.
Footnotes:
We’re here to help you choose the solution or service that’s right for your business.