Cyber Defense eMagazine February Edition for 2022

More documents

Recommendations

Info

Creating a Game Plan On a global scale, cybercrime is expected to reach $10.5 trillion annually by 2025, up from $3 trillion in 2015. So, when is a company “ready” to purchase cyber insurance? We hear this question a lot in our line of work. To start, any company that uses a computer system and the internet as part of conducting its business, or collects personally identifiable information (PII) of employees, clients, or third-parties, should be pursuing cyber insurance if they do not have it already. The specific type of coverage, and how much insurance a company should have, can vary greatly based on the size and industry of the organization. In order to determine what is best for your company, and to help you prepare to purchase cyber insurance, you should start with conducting a cyber risk assessment and request a technical consultation with security and insurance broker experts. This risk and technical assessment will help you determine any potential gaps or areas for improvement in your organizations’ cyber security program, and help you decide what kind and how much coverage to purchase. Once you determine your organizations’ specific cyber insurance needs, your insurance broker will help you find the right cyber insurance carrier to best serve those needs. Some cyber insurance carriers, such as Resilience, provide additional risk management benefits during the procurement process and throughout the policy period to help organizations secure coverage and better improve their cyber risk posture. Dress to Impress With a hardening cyber market, securing cyber insurance can be challenging for even security-conscious organizations. That said, even before coverage is secured, brokers and insurers work with existing and potential clients to mitigate cyber risk. Once it has been determined that your business is ready for cyber insurance, executives can work with them to navigate what security actions need to be taken to ensure that the cost/risk benefit of the insurance plan will be balanced. Those that want to secure coverage should be able to come to the table with a robust cyber security plan that details where their data is located and how they protect it. This might include analyzing and implementing tools like VPNs and Endpoint Detection and Response (EDR), reconfiguring system infrastructure, adding multi-factor authentication, segmenting data and networks to better control access to help mitigate doxxing attacks, and utilizing backup functionalities that are tightly air gapped. Once set-up, organizations need to test these environments. If security tooling is in place, but done so or configured incorrectly, hackers can still breach the system through known vulnerabilities or brute force attacks. However, testing can mitigate this drastically, as well as help an organization determine if vulnerability management and patching should be done in-house or be outsourced. Security teams should also be trained on how to monitor and patch systems, privacy protection protocols and how to identify phishing attempts. If they are unable, then these functions must be outsourced. Cyber Defense eMagazine – February 2022 Edition 90 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Keeping Premiums Low Once Coverage is Secured Once secured, cyber insurance premiums can be kept low on renewal by continuously improving upon pre-established security postures, a process that can greatly help prevent attacks, such as those from business email compromise or ransomware. Still, successful attacks happen and when they do, taking the proper steps to mitigate risk can help keep your premiums low. If a breach occurs and company data is being held for ransom, companies need to implement strict policies that restrict anyone at the organization from reaching out to the threat actor. We have seen many cases where someone on either the security or leadership team contacted the hacker and divulged information that made the situation even harder to resolve. Examples include providing their names, company, whether they have a cyber insurance policy and the value of the data that was taken - giving more power to the hacker than intended. Keep in mind, hackers don’t always know who they have attacked and how valuable the data they found is. Instead, teams should contact an experienced recovery and remediation group, along with their cyber insurance company, to get assistance as quickly as possible. With this approach, experts can begin to rebuild company infrastructure even as negotiations play out. It might be counter-intuitive to get the bill running sooner, but at the end of the day, it is almost always the most cost-effective option. This act reduces the potential business interruption claim, gets a head start on recovery and identifies systems that could be re-built or upgraded vs. paid to unlock faster. Having your counsel work with regulators when breached has also become more essential than ever. Most recently, in September 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) produced an updated advisory on the use of digital currencies in ransomware attacks and other financial crimes, discouraging companies from simply paying the ransom to regain operational control after a successful ransomware attack. While these advisories are aimed at the payment of ransoms to sanctioned entities, it also may address the ballooning of ransom demands and spiking cyber insurance costs over the past year. In working with the client, their counsel, an IR firm and the insurer, the decision to pay a ransom is always determined on a case-by-case basis, and only after an expert analysis of the situation can be compiled and payment due diligence completed. While there are still times when a ransom is paid, more and more often, companies are alternatively using the resources provided by their insurer to remediate and rebuild. Even with much of the cyber insurance landscape still in flux, opting into cyber insurance can provide a sense of security if a victim of a cyber attack. It can help companies recover after a data breach when thousands or even millions of dollars are accrued from business disruption, revenue loss, legal fees, forensic analysis and more. To best obtain cyber insurance, working directly with brokers and insurers that can provide advice for setting up security tooling and processes and protocols can be a huge boon for candidates. Even as coverage is secured, keeping premiums low can be addressed by maintaining and improving upon internal and external security practices, which can help mitigate risk further, making your systems protected from the majority of inevitable attacks. And, should a breach occur, calling your broker, insurance agent and associated firms at the first sign of a breach, such as remediation and recovery or those well-versed in OFAC regulations, will enable businesses to get back online faster, with more business value intact. Cyber Defense eMagazine – February 2022 Edition 91 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
How Criminals Have Migrated Through
Page 3 and 4:
Combining True MDR & SOC for Robust
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - February
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
How Criminals Have Migrated Through
Page 19 and 20:
Quite often the perpetrator claims
Page 21 and 22:
• Identity Access Management (IAM
Page 23 and 24:
About The Author Active with the IC
Page 25 and 26:
Given the rise in cyber-attacks, th
Page 27 and 28:
Why is that? Let’s take COVID-19
Page 29 and 30:
soon as possible and base it on str
Page 31 and 32:
How Do I Reliably Identify You If I
Page 33 and 34:
validation, what can be a very reli
Page 35 and 36:
How To Improve Federal Endpoint Det
Page 37 and 38:
What should agencies look for in a
Page 39 and 40: Decision Trees in Case of a Ransomw
Page 41 and 42: expertise’s recommended returning
Page 43 and 44: was sentenced to 12 years for payin
Page 45 and 46: Verify But Trust Managing insider t
Page 47 and 48: We now live in a world where the in
Page 49 and 50: 2. Cryptographic Failures - Cryptog
Page 51 and 52: Conclusion Penetration testing is a
Page 53 and 54: 1. Increase enterprise security pro
Page 55 and 56: minimise the impact on business per
Page 57 and 58: Today's Digital Battlefield Demands
Page 59 and 60: UAE can be a cyber security powerho
Page 61 and 62: Why Ransomware is Only a Symptom of
Page 63 and 64: Response vendor that can leverage a
Page 65 and 66: Critical IT infrastructure had to b
Page 67 and 68: Killware is the Next Big Cybersecur
Page 69 and 70: The most effective way to defend ag
Page 71 and 72: Combining True MDR & SOC for Robust
Page 73 and 74: especially those who want to build
Page 75 and 76: intelligence, data logs, and advanc
Page 77 and 78: But when it comes to cybercrime, a
Page 79 and 80: of in 2022. In effect, ransomware h
Page 81 and 82: Detect Ransomware Data Exfiltration
Page 83 and 84: Advanced SQL Behavioral Analysis fr
Page 85 and 86: In contrast, the corresponding reac
Page 87 and 88: of how PCs, laptops, and other Wind
Page 89: Cyber Insurance: What Executives Ne
Page 93 and 94: Data Security Must Be a Priority as
Page 95 and 96: sites like Facebook or LinkedIn. Cy
Page 97 and 98: Why Building Managers Need to Prior
Page 99 and 100: It should also provide the means fo
Page 101 and 102: Cyber Defense eMagazine - February
Page 123 and 124: CyberDefense.TV now has 200 hotseat
Page 125 and 126: Books by our Publisher: https://www
show all

Cyber Defense eMagazine February Edition for 2022

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?