PSA Certified for Insurance Vendors

Generate faster, cheaper, and more accurate cyber insurance policies aligned to global standards and regulations

Skip to content

Cybercrime damages will reach $10.5 Trillion by 2025

The Untapped Market

The proliferation of IoT represents a substantial commercial opportunity for the insurance industry. The promise is enormous. Analysts estimate the IoT will drive services valued between $5-12 trillion by 2030. More than 41 billion IoT devices are expected to be installed by 2027, up from about 8 billion in 2019.

Complex Value Chains Make it Hard to Assess and Underwrite Risk

However, anticipating cybercrime damages will reach $10.5 Trillion by 2025, yet estimating the likelihood of security failures is a highly technical process. Furthermore, supply chains in IoT are complex and opaque, and so liability can be challenging to assign. Ultimately, insurers can’t currently accurately model the risks.

This means that while brokers have customers eager to purchase cover, their ability to underwrite this is limited. And without reinsurance capital, cover can’t be offered. This stalemate is blocking commercial growth for the insurance industry and the path to digital transformation for every sector.

What if You Could “See Inside” Devices in a Supply Chain? PSA Certified Makes it Possible with Free Framework You Can Trust

PSA Certified creates the confidence to cover. It offers an independent, lab-tested, industry-recognized approach for trusted and secure IoT design, building from a Root of Trust and established best practices to bring visibility and measure to the risk profile of IoT applications. Three key benefits:

Increased Confidence and Reduced risk

PSA Certified devices have been independently assessed and offer an indicator of the likelihood and severity of a security failure in certified components and devices, making it quick and easy to calculate risk for cyber insurers.

Increased Visibility Unlocks New Business Opportunities

We create the means to ‘see inside’ devices and applications to understand their security readiness. This gives visibility into risk across the supply chain, establishing whether components, devices and applications are built on best practices based on certifications.

Technical Rigor Built by Independent Experts and Mapped to Worldwide Regulation

PSA Certified matches or exceeds security requirements from regional regulators, such as NIST and ETSI, to provide a globally applicable standard. This is giving insurers a fast-track to understanding which products are already building to upcoming law.

How PSA Certified Helps You Calculate Risk

PSA Certified exists to help grow a secure, trusted IoT. Established in 2017, PSA Certified was spearheaded by Arm, and currently comprises an ecosystem of more than 70 partners. We work across the ecosystem, from silicon designers and manufacturers to OEMs and service providers, to create assurance in the devices powering the IoT.

A Checklist of Best Practice

PSA Certified offers a list of 10 clear, comprehensive and achievable goals to guide the creation of every connected device, establishing secure-by-design requirements for everything from their unique identity and upgrades to cryptographic protocols.

Learn More About the PSA Certified Security Goals
Learn More About the PSA Certified Security Goals

Security Built on a Root of Trust

It is vital to establish a secure Root of Trust in a device, a continual and immutable assurance that a device has not been compromised. With a Root of Trust established, other components can layer over it to form an interconnected, self-checking chain of trust.

Learn More About Why the Root of Trust is Vital
Learn More About Why the Root of Trust is Vital

Easily-digestible Security Credentials

PSA Certified provides independent, lab-tested validation that components, software and devices have been created by design according to security best practice. Offering a standardized indicator of security with three easy-to-understand levels, PSA Certified establishes a chain of trust across the supply chain.

Learn More About PSA Certified Levels
Learn More About PSA Certified Levels

PSA Certified represents a clear example of industry best practices for device security that insurers, such as Munich Re, can use to better understand and quantify cyber risk in IoT deployments and deliver business assurances at scale.

Tim Davy, Cyber Security Specialist, Munich Re

How You Can Play Your Part in Securing IoT

By encouraging prospective policy holders to build their businesses on security best practice and PSA Certified trusted components, IoT devices will become more secure – lowering risk and reducing the number of future insurance claims.

Our goal is to collaborate with insurers to help create insurance products to grasp the market opportunity. PSA Certified is ready to use, and ready to reference for insurance vendors free-of-charge.