Cyber Insurance Experts Make a Case for Coverage, Protection

Published: 23/11/2024   Category: security




At Black Hat mini summit, providers and customers get clearer about premium costs and coverage — and the risk of doing without.



BLACK HAT USA – Las Vegas – Wednesday, Aug. 9 — Cybersecurity and insurance continued their awkward dance this week at a Black Hat mini summit where the two industries worked to refine the best ways they might work together.

Held on cyber insurance, the summit covered whether there is a need for cyber insurance, how it is assessed, and how CISOs can use it. It also took up the claims that underwriting is not keeping up with modern cybersecurity threats and trends, and even how (or why) the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack.

The points of contention are familiar: how cyber insurance premiums are calculated and which factors are taken into consideration.
Insurance proponents argue that having cyber insurance keeps a CISO from worrying too much about the financial impact of an attack.
Nonetheless, cleanup costs from an attack, including the added expense of post-incident forensic investigations, downtime, and credit monitoring, also need to be considered, said experts at the Black Hat summit. The recent ransomware attack on Applied Materials was estimated to have cost the company $250 million.
Catherine Lyle, head of claims at Coalition, said despite all indicators to the contrary, even lawyers care about the security of your company, especially after an attack or network breach. Active insurance is there to right the ship when it happens, she said.
Lyle said that as threat actors have become increasingly sophisticated, so has their understanding and knowledge of the English language, which helps threat actors who are non-English speakers find the folders containing a company's financial records. They know what you're spending and who has the power to sign the checks, Lyle added.
Since most attacks are enabled by phishing, incidents of ransomware, business email compromise, and funds transfer fraud are all increasing. However, any attack where money has been sent is more of a challenge, since in a ransomware attack there can be a process of negotiation to drive down actual ransom costs, Lyle said.
She also noted that threat actors are likely to dwell in a network longer, on average being 42 days in 2022, twice as long as the average time from a year previous.
Business email compromise, ransomware, and fund transfer fraud all affect an insurance policy enormously, noted Ed Ventham, co-founder of cyber insurance broker Assured. BEC and ransomware are the two most frequent cyber insurance payouts from insurers, he added. Most of the technical questions insurers ask are about finding out what controls are in place to prevent these attacks. What endpoint protection is in place? How are systems monitored and how quickly are they patched? These factors vary widely from customer to customer.
Lyle said insurance exists to help prevent the greater harm, and there are steps that can be taken to improve your security posture so that cyber insurance costs are reduced. These include adding multifactor authentication (MFA), rehearsing for incident response, and taking up the insurance company's pre-claim assistance.
John Caruthers, executive VP and CISO at Triden Group, said that while the idea of acquiring insurance may have seemed quaint at one time, in 2023 everyone understands cyber insurance and its purpose, despite some nuance.
He also wondered aloud if cyber insurance is for safety, a compliance play, or neither. It is not a replacement for a cybersecurity program, but a motivator to build better cybersecurity programs, he said.
Caruthers compared cyber insurance efforts to the medical and automobile insurance industries, and said that in cybersecurity there isn't historical data, so a list of minimum mandatory requirements is generated to achieve cybersecurity maturity. These include MFA, incident response plans, and backups, but patch management, remote access controls, supply chain management, and awareness training are also worth considering.
Ventham also noted that end-of-life software is considered a higher risk for insurers; unsupported software is also a related issue and a challenge for insurers and customers alike.
Exploiting unsupported software is one of the most common attack surfaces, and naturally end-of-life heightens this, Ventham noted. When insurers make their assessments, they take into consideration the detection and monitoring capabilities that businesses have in place for this unsupported software. They will want to know what the software is being used for, whether it's Internet-facing, and whether it is segregated from the rest of the network.
