Cyber insurance, as a part of the Insurance Industry, is no longer considered ‘new’, with ever greater adoption and ever more understanding of the market itself and the needs of the businesses it serves.
The Cyber Insurance market is expected to grow globally to reach a value of over USD 120 billion by 2032. The demand is evident and is being driven by multiple factors such as geopolitical and economic uncertainties, increasing state-sponsored attacks and legislative drivers, which we will see becoming more prevalent in the next couple of years.
There is a growing recognition within the Cyber Insurance industry of the role that can be played by Managed Security Service Providers in collaborating and innovating alongside Insurers and brokers. There are obvious benefits for all parties (especially the clients).
Everyone agrees with the obvious principle that a good Cyber Security posture and regular Cyber Security assessments and validations reduce the likelihood of a breach.
These efforts are now being recognised by forward-thinking insurers, and benefits passed to the clients who are taking reasonable measures to improve and maintain a good Cyber Security posture.
This makes absolute sense for both the client and the Insurer themselves.
The client is investing in security controls to gain an improved posture, and the Insurer recognises the reduced chances of a claim being made by their client for a Cyber Attack. Where a claim is made, the potential impact is hopefully reduced as a result of the improved security posture and planning in advance.
Speaking as a Managed Security Services Provider, we see on an ongoing basis the improvements made by clients on what is always termed the cyber ‘journey’: reductions in vulnerabilities, improved visibility of their estate and an enhanced readiness for the eventuality of an attack.
A zero-day attack is an extremely dangerous attack: it is essentially a vulnerability that criminals can weaponise, but which software developers, clients, insurers and pretty much everyone else are unaware of, or only just aware of. These types of risks give businesses and Insurers themselves a big problem and unfortunately occur relatively frequently.
MSSPs have a big part to play in trying to mitigate this risk. Where a client works with an MSSP who has a 24x7 SOC (Security Operations Centre), for example, the MSSP can inform the clients using the SOC of the existence of the zero-day upon its discovery. Furthermore, because the SOC has knowledge of the client's estate, they can inform the client as to their susceptibility to compromise. The SOC can take further steps where appropriate to check for IOCs (indicators of compromise), increase monitoring around vulnerable assets, or work with the client to proactively take the affected piece of software offline or secure it until a patch is available.
For Insurers, this enhanced capability displayed by a client working with an MSSP, and who is in a SOC, could be considered a proactive approach to their Cyber Security, with policy quotes reflective of the steps they have taken.
Continuous attack surface management, coupled with active vulnerability scanning, can give organisations a view of the technical vulnerabilities at play across their estate on an ongoing basis. Discovery of, and subsequent active scanning of, the externally facing aspects constitutes a large component of CST, giving clients the ability to view their organisation through the eyes of the attackers and discover change and defects prior to their exploitation by malicious parties.
Businesses make IT changes for a multitude of valid reasons. The issue for clients and for Insurers is that any one of these changes could result in a vulnerability being inadvertently introduced to the client’s estate. For large organisations, a fluid external footprint makes this even harder. Attackers will see this quickly and attempt to exploit it. MSSPs can perform regular asset discovery and vulnerability scanning and advise the clients on anything they see which might present an issue. Due to the rapid weaponization and automated deployment of known vulnerabilities by attackers, this continuous approach greatly reduces the likelihood of a successful attack occurring and can help discover and allow resolution of the vulnerabilities ahead of malicious actors.
Attackers have automated their scanning for vulnerabilities, and automation for the defending teams is also a must-have capability.
We think it is inevitable that Managed Security Service Providers and the Insurance world will work ever more closely together in the future, collaborating on technology and processes and driving much needed regulation and change.
These two distinct aspects of business risk mitigation can make an enormous difference to those in the eye of the Cyber Security storm.
AI, and the challenges and opportunities this brings, will be at the forefront of efforts.
Precursor Security has been working with JMG Group and a select panel of specialist cyber insurance companies to create an innovative and proactive approach.
Where a business is utilising Precursor's services, it is entitled to reduced cyber insurance premiums, as it will benefit from premium discounts.
This is the perfect example of an MSSP working collaboratively with an Insurer to drive much needed change across all organisations.
Cyber insurance is designed to protect businesses and individuals from threats in the digital age, such as malicious and non-malicious cyber incidents.
Cyber insurance provides financial reimbursement in the event of an incident, but also additional benefits such as risk management solutions and pre- and post-breach advice and support, ranging from public relations to legal counsel and digital forensics.
A comprehensive cyber policy will look to provide cover for:
· Network security and privacy liability
· Media liability
· Regulatory defence and penalties
· Crisis and event management costs
· Ransomware and extortion
· Business interruption
· Contingent business interruption
· Computer replacement and bricking
· Social engineering fraud
Precursor Security are UK-based Cyber Security specialists, with offices in Leeds and Newcastle.
www.precursorsecurity.com
Choose Precursor Security for penetration testing excellence—where industry-leading expertise, CREST accreditation, and a client-focused approach converge to fortify your digital defences with precision and reliability.
We have a CREST accredited Security Operations Centre and all of our penetration testers are CREST certified.
We are accredited to the highest of standards including CREST, ISO27001, ISO9001 and Cyber Essentials Plus.
Our experts have a combined experience of over 30 years delivering security operations to sectors such as healthcare, financial services, aerospace and more.
It’s important to know what you’re getting, what’s not included and what else is available. This starts with understanding a SOC and its critical functions. CREST has recently published a guide to the critical functions of a SOC which aligns with the CREST SOC standard.