Black Hat Summit Explores Cybersecurity and Insurance Collaboration
Black Hat USA hosted a mini summit focused on the relationship between cybersecurity and insurance, highlighting the need for collaboration and refinement in these industries. The summit sparked discussions about the necessity of cyber insurance, its assessment process, and how Chief Information Security Officers (CISOs) can utilize it effectively.
The key points of contention among participants centered around how cyber insurance premiums are calculated and which factors should be taken into consideration. Proponents argue that cyber insurance provides financial protection for CISOs in case of an attack, allowing them to focus on addressing the security breach. However, experts at the summit stressed that cleanup costs from an attack, including expenses for post-incident forensic investigations, downtime, and credit monitoring, must also be considered. For example, the recent ransomware attack on Applied Materials cost the company an estimated $250 million.
The Role of Active Insurance in Addressing Cyber Attacks
Catherine Lyle, head of claims at Coalition, emphasized the importance of active insurance in mitigating the effects of cyber attacks. She highlighted how threat actors are becoming increasingly sophisticated and adept at exploiting vulnerabilities, including their understanding of the English language. Lyle noted that non-English speaking threat actors often search for folders containing a company’s financial records and gain insights into their spending history and authorized signatories for financial transactions. As phishing attacks remain a common entry point for cyber attacks, incidents related to ransomware, business email compromise, and funds transfer fraud are on the rise.
Addressing the challenge of negotiation in ransomware attacks, Lyle mentioned that reducing the actual ransom costs can be a lengthy process. Moreover, threat actors now tend to dwell within a compromised network for an average of 42 days, double the duration from the previous year. This extended presence worsens the impact and cleanup costs of cyber attacks.
Insurance Considerations in Preventing Cyber Attacks
Ed Ventham, co-founder of cyber insurance broker Assured, highlighted the significant influence of business email compromise (BEC) and ransomware on cyber insurance policies. Insurers often inquire about the preventive controls in place to mitigate these attacks. This includes examining endpoint protection, system monitoring, patching speed, and other specific factors tailored to each customer’s security measures.
Lyle stressed that cyber insurance can play a proactive role in preventing severe harm. To reduce cyber insurance costs, organizations can implement additional security measures such as multifactor authentication (MFA) and rehearsed incident response plans, and can leverage pre-claim assistance from insurance companies.
Cyber Insurance as a Catalyst for Enhanced Cybersecurity Programs
John Caruthers, executive VP and CISO at Triden Group, reflected on the growing significance of cyber insurance in 2023. He likened the role of cyber insurance to that of medical and automobile insurance, stating that it is not a replacement for a cybersecurity program but rather a motivator for building better programs.
Caruthers proposed generating a list of minimum mandatory requirements for achieving cybersecurity maturity due to the lack of historical data in the cybersecurity industry. These requirements include MFA, incident response plans, backups, and considerations for patch management, remote access controls, supply chain management, and awareness training.
Challenges Regarding End-of-Life Software and Unsupported Software
Insurers consider end-of-life and unsupported software to be higher risks. Unsupported software ranks among the most commonly exploited attack surfaces, which underscores the elevated risk associated with end-of-life software. Insurers assess a company's detection and monitoring capabilities for this type of software, asking whether it is in use, whether it is exposed to the Internet, and whether it is segregated from the rest of the network.
Editorial: The Ongoing Dance of Cybersecurity and Insurance
The relationship between cybersecurity and insurance is an intricate dance. As cyber threats evolve, insurers and businesses must adapt and refine their collaboration to effectively address the financial consequences of cyber attacks. Discussions at the Black Hat mini summit showcased the urgency to bridge the gap between underwriting practices and emerging cybersecurity trends.
However, the complexity arises from the calculation of cyber insurance premiums. Assessing risk accurately and accounting for all the factors involved requires care. Insurers need to provide adequate coverage for organizations without compromising their own financial viability. This challenge is underscored by the evolving tactics employed by threat actors.
While cyber insurance is not a substitute for a strong cybersecurity program, it can be a catalyst for building better programs. The involvement of insurance companies can motivate organizations to invest in robust security measures, incident response plans, and employee training to reduce their risk profiles.
Advice: Strengthening Cybersecurity Posture and Insurance Coverage
To enhance security and reduce cyber insurance costs, organizations should consider the following proactive measures:
1. Adopt Multifactor Authentication (MFA)
MFA provides an additional layer of security, significantly reducing the likelihood of unauthorized access to critical systems and sensitive information. Implementing MFA across all relevant platforms and applications can strengthen overall security posture.
2. Establish and Rehearse Incident Response Plans
Organizations should create and regularly test incident response plans to ensure an effective and efficient response in the event of a cyber attack. Conducting drills involving various attack scenarios strengthens the team’s readiness and minimizes response time.
3. Leverage Pre-Claim Assistance from Insurance Companies
Engage with insurance providers to understand the pre-claim assistance services they offer. Insurance companies can provide guidance and expertise in enhancing security practices, identifying vulnerabilities, and implementing preventive controls.
In conclusion, the collaboration between cybersecurity and insurance must continue to evolve to address the ever-changing cyber threat landscape effectively. Businesses should view cyber insurance as a strategic investment and actively engage with insurance providers to ensure adequate coverage and an ongoing assessment of cybersecurity practices.