KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
More and more it becomes difficult to Insure yourself against a Cyber attack. Understanding all the different vectors of your risk posture, the flood of different tools and checklists that need to be taken into account and the way to consolidate this risk into an overarching risk dashboard is an immense challenge for CISO's, Risk Managers and their senior leadership. Because of this major challenge and a non-standard way of calculating the risk; more and more Insurance companies are putting a high demand on the information provided in order to get a proposal for a Cyber Insurance and then, if and when a Cyber Insurance is offered, the premiums and coverage become another big challenge and financial burden on companies.
The presentation will highlight these challenges and will provide hints and tips on how to deal with this problem, ensuring to get Cyber Insurance at the lowest possible premium and with the highest coverage.
More and more it becomes difficult to Insure yourself against a Cyber attack. Understanding all the different vectors of your risk posture, the flood of different tools and checklists that need to be taken into account and the way to consolidate this risk into an overarching risk dashboard is an immense challenge for CISO's, Risk Managers and their senior leadership. Because of this major challenge and a non-standard way of calculating the risk; more and more Insurance companies are putting a high demand on the information provided in order to get a proposal for a Cyber Insurance and then, if and when a Cyber Insurance is offered, the premiums and coverage become another big challenge and financial burden on companies.
The presentation will highlight these challenges and will provide hints and tips on how to deal with this problem, ensuring to get Cyber Insurance at the lowest possible premium and with the highest coverage.
Yes. Well good morning and thanks for staying. I know it's getting close to to lunchtime, but I hope, and I think that I have some interesting experience to share with you about the topic of, of cyber insurance and as many said before me risk management because in the end, cyber insurance, you know, relies on the risk management processes you have. You don't do it only for cyber insurance. I don't have a a i here That's okay because I have a colleague with me.
Ah, and he is actually, I'm pointing at him and he will help me to put the next slide on. So have access to that. So that's on you then?
Oh, that's on me. Okay. So I appointed you, but it goes here. I don't have to repeat.
I think, you know, all the, the news about how difficult it is to get a cyber insurance policy, what work you need to do for that and the premiums that actually go along with that. Last week I was in a webinar with eight of the major American cyber insurers carriers and brokers, and they actually painted a very positive picture.
They said, ah, the rising premiums was not that bad last year it was only 12% rise the year before it was 85%. And I said, okay, is that a positive? I think it's still very negative.
You know, if you add another 12% to your premiums, then you know, it's not, it's not that that good anyway. I think, and you know, I'm looking at the audience here, it is still not easy to get a cyber insurance to get it done, to get the premium at the right level that you can pay for it. So I think there's a lot still to be, to be done on that side. Both on the insurer side, the carrier side and the broker side.
But also I think we have a opportunity to play a role as cybersecurity companies that, you know, provide help to actually provide, you know, information to both insurers as well as the, the end customers. How to deal with that in an effective way. And I apologize, my voice might be going down a bit. I've catched up a call this week, so I hope it will last for an at least another seven, seven minutes or, but let's see. So we all know that, you know, you can look at, at cyber insurance in, you know, all kinds of ways you can put your head in the sand, think that the problem is not there.
We, we all know that that is not really going to work and at one point it's gonna hit you. You could also be a risk taker and say, okay, I know that you know, I don't know everything or you know a lot and you actually take the risk of not getting a cyber insurance if you're in the position to do so, or you are a scientist and you want to know everything. And with that knowledge you can actually define and make the right decisions whether or not to get a cyber insurance policy. And at the right level, where are we now You have to look at a number of things.
When to get a cyber insurance policy here, what must be done to qualify? There's a lot of work involved. What are the areas that you, that you need to cover? Will I be able to get enough?
Yeah, is it in the right ballpark? Is it the right coverage? What are the cost and is it affordable to me as an organization to, to do so? What are the areas, if so, and do I know them that I need to actually fix before I can get a good cyber insurance policy? Because we've also seen recently that is not that easy to get one if you don't have all the information to provide. And of course what we like to do is to see how can we bring down the premiums and up the coverage Cuz coverage has been going down while the previous premiums have been going up.
And what if I cannot get enough cyber insurance cover at all? So when you look at the process, and I've worked with a lot of customers that needed to get the cyber insurance and it is tedious work for the CSOs for, you know, the insurers, the CIOs.
It's a, it's a lot of manual work and I think we've seen some colleagues here that can help you with assessments and they provide you with 365 pages of checklists to, you know, identify what are the areas that you know are needed to get a cyber insurance. There's also a lot of areas that you need to assess it.
Not just, you know, the endpoints. It's not just the applications. It's actually a lot more that you need to understand and actually identify in what do I need to prove to get, you know, the right level of coverage. You need to understand the policy conditions. So where the coverage and how can they apply to it, what do you need to disclose and what do I want to disclose and can I identify my third parties? Third party. And supply chain management is becoming a big, big, big issue.
And you know, more and more it has become, you know, difficult for organizations to identify and actually manage those processes. And how do I then eventually translate, you know, the identified areas and the vulnerabilities into risk course? How do I bring that together if I have a plethora around different solutions and assessments, how does it bring me to, you know, a, an overarching score and one that in my opinion is even more important than the most important.
We see that the cyber insurance you do on a yearly basis, yeah, so you do one time assessment, you get your insurance, it's nice and then you come back the next year. But what happens in between, things change on a rapid basis as we know we're in organizations that change on a daily basis and what happens if that change is, you know, substantial that actually your cyber insurance, you know, should have been changed. And what happens if that vulnerability then gets exploited? You get the ransomware, what happens, you know, with, you know, the coverage you then have. That's a big problem.
So we need to think also about, you know, continuous monitoring. What we like to, to work with is to help our customers and we put here through all the slides, the niche framework where you first have to identify what do you have in terms of all your assets, your environment, your policies, your procedures. Identify what are the exposures that you have in that space and then, you know, create a risk score out of that. We're not going to talk too much today about the protect the detect side of the house because that's the next step.
And of course if you want to improve your cyber insurance policy or your risk management, then you need to think about protect as well. But first you need to think about where can I find the information and how can I keep that up to date on a continuous basis. So we believe that the industry needs to move towards a comprehensive and continuous risk assessment on a regular basis. I would not say a monitoring, you know, near to real time basis, although that would be great at one point, but I think we are a long way from from that area yet.
But I think there are opportunities now for us also to look at, you know, regular comprehensive risk assessments that are inclusive of all the applicable areas that are majorly automated. Because doing it all manually requires a lot of effort and doesn't give you a lot of output and repeatability and also to look at the dashboarding above it. What we also think could be useful, and it was mentioned in one of the earlier speakers, is that your crown jewels is one of the areas that you could focus on in reducing your risk.
So I'm jumping a little bit to the protector area so we can introduce a cyber volt for your crown jewel protection. That is, that is helping you to protect those specific areas, files, applications, whatever you think is, you know, your crown jewel. Put them in a sort of safe and protect them from that perspective. And obviously in the detect and response area you can look at partners of us that provide you services, the managed purity services to provide coverage on the, on that side as well.
Last but not least, it is very important to have a proper incident and response service because when you get hit and it's, it's not if it's when you get hit or when you suspect you get hit, extremely important to get in there early to remediate the situation, to contain the situation and to recover as soon as possible and to mitigate all the losses that you, that you have. So if we look at continuous risks assessment, of course you have the dashboard, you see an example below, you need to look at all the different areas.
So you have the identities, you have the applications, your endpoints, you need to look at your cloud, your network and infrastructure. Don't forget to look at the third parties. We also provide as an service inside of this continuous assessment, a red teaming exercise, which of course is manual, but it gives you a lot of information on where your potential vulnerabilities are. We provide you with the DDoS resilience, so are you able to prevent yourself against the major DDoS? It's becoming also since the war in Ukraine, a very relative and and very relevant issue.
Again, nowadays we thought that DDoS was something from the past, but it has come up quite frequently. Again, we look at ransomware resilience, how, how well are you ready for that? We should not forget, you know, the IT and OT environments which are not easy to assess and to contain. One thing that, you know, companies forget most of the times is the storage and the backups. Are you really, you know, protected against the ransomware, the vulnerabilities on your storage because this is your feel safe.
If you don't have a good backup then you know, a remediation, recovering from a ransomware attack obviously is a, a tremendous issue. External attack surface. And I put some dots at the site for instance, like SAP assessment can be also part of, of the ecosystem. So that is one we provided on a per user per month cost basis. On a continuous basis, as I said, so that you have a overarching view at any moment in time.
R i volt is actually based on the confidential compute new technology area that by Gartner and other Analyst is, is mentioned as one of the new hype cycles coming up where you protect actually your crown jewels or other information at the source. So our solution as a, a PCI based software and hardware solution that you put on the hardware itself, so it's on-prem solution primarily and all the information that goes through your execute environment or to your files will have to go through the PCI board and the associated software. And we scan every transaction on the seven layers of the osi.
So we can look at data exfiltration, we can look at ransomware attacks, we can look at, you know, authentication authorization so that you know, you have a, a true protection of your crown jewels. And with that hopefully, and my voice is almost, you know, gone, you will get, you know, properly insured, your premiums could go down, you could get a better coverage of of the policies. And last but not least, the risk management is, is getting better and that means that also a lot of your company risks are going down, not just the, the cyber insurance.
So with that I give back a few minutes for questions and if there are no questions then lunch is being served Soon. Is there any question from our attendees? We have plenty of time sir. Alright. Be yeah. And later on I will have a question too. Good. Not lunch yet. So I like what you presented in terms of the automated continuous risk assessment.
I, I just wonder how does this work? I know a lot of companies who, who even struggle to get an overview of all their applications. Yeah. Not to talk about automated assessments, but you have much more dimensions which you would like to automatically assess. Does this only work for small companies or no? No. Or How do you do it?
No, we currently have one of the largest snack manufacturers in the world that is, you know, working with us on this. The trick that we believe we have put is we are not developing all ourselves. We're integrating solutions into our holistic service. So we take the best, maybe not best of breed, of every area and, and we believe you don't need best of breed if you get, you know, coverage on the white area in the best of suite, you'll get a lot already. So we integrated, for instance, one of the best storage identified solutions in the world, an Israeli company called Continuity.
We put them in, they are helping us to identify what are the vulnerabilities on the storage side of the house and we automate that through our dashboarding and through our automated processes. Thank you. I have one question. I was like looking at the stages, you mentioned earlier the first stage is like identify, identifying or reconnaissance and which kind of sources do you actually take benefit from? Like maybe threat intelligence or Yeah, threat is one of the areas as well. Yeah.
If you look at one of the, the boxes is xim information or xim information primarily is a detect and response capability. But in there you get a lot of threat intel as well. And that is a fit into the identify arena. So Maybe you would also like then you will consider yourself rather not reactive, but a proactive cybersecurity company then.
Yeah, I think, I think if you can identify you are proactive. Yeah. Yeah.
And, and it's extremely important to start at the identify stage cuz you can put in a lot of, you know, solutions that you think in the protection. I've been in the industry 25 years and in the past we would throw, you know, numerous solutions, you know, just fix this.
Oh, now we have, you know, an, an issue because we implement something else. Now we have an issue on the, on the perimeter, let's put another solution in there. But if you don't identify first, you know, what are your risks, what are your assets, what are, you know, your vulnerabilities, then you can throw, you know, as much hardware technology added as you can pay for. But I don't think it will get you to the right result. Yep. Alright. Thank you. Thank you Hank thanks a lot for this presentation and you're welcome for your time to answer in the questions. Thank you.
