BroadBand Nation

FREE Help Designing A Custom Cybersecurity Strategy

Are you armed with the right weapons to fight the cybersecurity battles you'll face to protect your business? You can source what you need here (includes FREE help designing a custom cybersecurity strategy) => Request A FREE Consultation ... All you have to do is ask.

Labels: Cybersecurity, Cybersecurity Strategy, Network Security

To Get A Cyber Insurance Policy Approved Today You Absolutely MUST Understand This

Although recovery costs continue to outpace coverage, companies today are investing more in network security to lower premiums and yield better policy terms for cyberinsurance.

This is apparently due in-part because insurance providers are incentivizing companies to improve their cyber defenses, not only by meeting minimum cyber defense standards, but also linking premium costs and depth of coverage to maintaining those standards.

It seems like that should just be common sense.

Insurers are starting to refrain from going all in offering cybersecurity insurance (in a manner of speaking) by offering lower limits of cybersecurity coverage; tightening cybersecurity insurance contract terms, conditions, and restrictions; and being more selective of the markets (e.g. industries) to offer cybersecurity insurance (at whatever limits and terms). They are also increasingly denying claims on existing policies. This is the challenging landscape faced by organizations seeking approval of a new cybersecurity insurance policy or renewal of an existing policy.

This podcast episode below of “Unscripted”! dissects the groundbreaking Merck cyber insurance case, offering a unique perspective on cyber risk management. This episode is a must-listen for anyone navigating cyber insurance complexities, highlighting key lessons from the Merck-NotPetya incident. The discussion offers insights into policy exclusions and the evolution of cyber-related insurance coverage. The basic message is that cyber-insurance providers are playing hardball with current and prospective policy holders … rightfully so.

Pricier premiums for cybersecurity insurance is an unfortunate but obvious consequence (for policy holders) of the rising number of costly data breaches, ransomware, and other security attacks occurring in the world today. For example, the losses incurred by cyberinsurance providers from the Crowdstrike incident are likely to mean that the cost to insured organizations for new policy approvals and existing policy renewals will continue to trend up for at least the near future. Providers aren’t stupid…they’re making a business decision.

Cyber loss modeling (to providers and insured alike) reminds us of the saying: “man plans, God laughs”.

Cyberinsurers are waking up to the risk they’ve taken on and the potential cost and losses they could incur…not a comfortable position for them to be in (they are in the business of making a profit after all). Providers are responding accordingly with the trend of rising costs to insured…. that makes sense. This isn’t necessarily a bad thing either, as it forces companies to finally “get serious” about their cybersecurity efforts (funding, staffing, strategy, etc….. increasingly scrutinized by the underwriters before approval of policies) or risk being exposed with no coverage.

We strongly believe companies should view cybersecurity as a business issue rather than just an IT problem. EVERYONE in an organization, from top management to individual employees, is responsible for cybersecurity. Companies should approach cybersecurity similarly to health and safety, with a culture that promotes vigilance and proactive measures.

The need for constant vigilance and proactive measures in cybersecurity cannot be understated (cyberinsurance notwithstanding). Businesses must invest in comprehensive security solutions, yes … but they absolutely MUST also foster a culture of awareness to effectively mitigate risks.

We’ve had too many “watershed moments” in Cybersecurity the last few years. The unfortunate consequence is that we have officially entered the 21st Century game of cyberwarfare. We’ve always talked about the importance of Cybersecurity, and now we’ve been hit in the face HARD. The implications of this moment are simple: you get serious about Cybersecurity, right now, or you wave the flag of surrender.

If you do the former with focus and budget, you are in better position to protect your business. If you do the latter, you simply let your systems, networks, data, and e-commerce be “owned.” Cyber insurance isn’t going to come in on a white horse to save the day, or your business. The only thing that will work is to accept the reality that this is warfare. Adopt the posture of a warrior, focus your budget, amass your tools, and step up your game.

It’s painfully obvious that cyberinsurance costs for new policies and renewal of existing policies is going up. Insurers are also increasingly denying coverage outright if you don’t have your stuff together. They’re also increasingly denying claims when the insured should have done better/more. That makes a lot of sense, they should be. The risk to insurers is too high given the threat environment and the still lagging lack of emphasis (e.g. staffing and funding of cybersecurity strategies/initiatives) by too many organizations.

The message to companies is take it seriously, or not. If not … you’ll pay the price, literally. That also makes sense.

Pay now or pay later … it really is that simple. Or put another way … if you’re more concerned about the “bottom line”, you won’t have a “bottom line” to be concerned about for long. You’ll be out of business.

Having Cyber Insurance doesn’t guarantee you will get a claim paid out either. With a staggering number of claims being denied, it’s crucial to understand why.

Cybersecurity insurance promises peace of mind. But for this company, it became a legal nightmare.

In 2013, Cottage Health suffered a major data breach. Tens of thousands of patient records were exposed online. They thought their multi-million-dollar insurance policy with Columbia Casualty had them covered.

Then, everything turned upside down.

Instead of covering the losses, Columbia sued Cottage Health, claiming they didn’t comply with the security protocols outlined in their policy.

Suddenly, the insurance that was supposed to protect them became the center of a high-stakes legal battle.

Here’s what you need to know to avoid a similar fate:

✅ Don’t just skim your cyber insurance policy. Read it in detail. Are there exclusions for things like negligence or compliance issues?

✅ Ensure every answer you provide in the application process is correct. A single mistake could cost you millions in coverage disputes.

✅ Stay vigilant and assess your practices regularly. Insurance won’t save you if you’re not following the cybersecurity protocols you promised.

In the end, a U.S. federal court dismissed Columbia’s lawsuit. It was a positive outcome for Cottage Health, but the process was costly and stressful. Plus, don’t expect those sme legal results today. Times have changed.

Many businesses make the mistake of thinking that once they have cyber insurance, they’re fully protected. However, the reality is that cyber insurance has its limitations. It might cover some financial losses but won’t repair your reputation, recover lost customers or undo the damage caused by a breach. That’s an unpleasant fact you need to be aware of.

The main takeaway of this article is clearly explained in the below video. It explores the surprising reality of cyber insurance to understand how difficult it really is to obtain a cyber insurance policy, and how difficult it is to actually make a claim. The point being that if you aren’t taking cybersecurity seriously and putting in place a solid cybersecurity strategy upfront (with the requisite tools, resources, staffing, culture, and funding) …. don’t expect cyberinsurance to ride in on a white horse and save the day for you. That’s not how it works. If you’re not serious enough to put in the effort you won’t get a policy request approved (new or renewal) or a claim approved either. Cyberinsurance providers are getting much tougher in this regard….and rightfully so. It’s time to wake up to this reality.

For FREE help addressing everything you need in a cybersecurity strategy to improve your chances of getting a cyberinsurance policy approved or renewed simply ask us at FreedomFire Communications.

Labels: Cybe Iinsurance, Cyber Insurance Policy, Cybersecurity

Critical Lessons Learned Every IT And Cybersecurity Professional Must Act On From The Crowdstrike Incident

While unintentional in nature, the recent CrowdStrike outage caused disruptions that reverberated throughout the global IT community. And while CrowdStrike and Microsoft were immediately hard at work to rectify an estimated 8.5 million computers affected worldwide, guess who’s hard at play taking advantage of the situation? Cybercriminals and their phishing schemes. Now is the time for IT and cybersecurity professionals in every company to work with their organizations to help them understand the implications of the outage, and the importance of prioritizing resiliency plans to help prevent something similar occurring again in the future.

The Vital Role of IT and Cybersecurity Professionals and Essential Discussion Points

In the aftermath of the CrowdStrike outage, you have a critical role to play as an IT or cybersecurity professional. You can offer your organization much-needed guidance on navigating this type of crisis in two ways: 1) Helping them comprehend the situation, and 2) Advising them on how to strengthen their defenses to avoid a similar disaster from impacting them in the future. (Remember, any sized company is vulnerable to modern cyber threats.)

1) Understanding the Outage

IT and cybersecurity professionals should explain the cause of the CrowdStrike outage and its impact in a sufficient amount of detail. This will help their company grasp the severity of the situation and the need for any immediate action.

It is important to note that the CrowdStrike/Microsoft outage was NOT a cyberattack. The incident began with a software update. As part of its ongoing threat protection, CrowdStrike regularly updates its sensor with the latest threat data. In this instance, the update violated a protected memory address within the Microsoft Windows environment, causing the operating system to encounter a critical error, resulting in the ubiquitous “blue screen of death” where an affected device is unable to recover on its own. The workaround to the issue involved a very manual process, requiring users to log in to each machine under “safe mode” and remove the registry key that contains the faulty code.

This event shows just how connected technology products are within our ecosystem, and one failure can cause a devastating impact on an entire infrastructure. While both CrowdStrike and Microsoft worked diligently to assist in recovery efforts, we all need to be aware of the potential for secondary attacks from cybercriminals based on information collected via a phishing attack.

2) Learning from the Incident: How to Outsmart the Bad Guys

Within hours of the incident on July 19, 2024 CrowdStrike warned of malicious activity trying to exploit the outage. One primary method that cybercriminals were using is to send phishing emails purportedly from CrowdStrike (or Microsoft) using “spoofed” addresses (i.e., somebody@crowdstrikeoutage.com) with malicious attachments or simply to gather information for a later compromise. CrowdStrike and Microsoft worked around the clock to provide guidance as well as potential tools to assist with recovery.

IT and cybersecurity staff should guide their organization on how to prevent falling for such tactics, such as not opening any emails from unofficial addresses posing as CrowdStrike support and questioning any phone calls from CrowdStrike staff; they are likely impersonators.

Additionally, this unfortunate incident opens up the conversation for developing (or revisiting) a robust cybersecurity prevention and recovery plan. With access to a breadth of cybersecurity providers, solution architects, and managed services, we can help your company with your entire strategy – from organization-wide cyber training, to IT outage response plans, to infrastructure automation for disaster recovery, to third-party risk management programs. Simply tell us what you need at FreedomFire Communications and we’ll make it happen.

Our colleague Koby Phillips reminds us:

“This high-impact event emphasizes the urgency to keep resiliency plans current, communicated, and understood within the organization to avoid the types of customer disruptions experienced since July 19. Like other industry disruptions this year, this event creates conversation opportunities for technology professionals to have with their company about how to best prepare their organization for these inevitabilities.”

– Koby Phillips, VP of Advanced Solutions – Cloud, Telarus

Final Thoughts

While the CrowdStrike outage presents significant challenges, it also offers a reason for immediate outreach to your entire organization (especially senior leadership) while demonstrating further value to them. By offering expert guidance and leveraging essential discussion points, you can assist your organization in navigating this crisis, preventing future similar incidents, and emerging stronger and more resilient.

In the spirit of resilience, it is crucial to ask yourself and your colleagues: “Which components or upstream vendors in our environment are we dependent on? Are we considering resiliency around those as well?” This questioning encourages you and your company to think critically about your dependencies but also underscores the importance of resilience planning.

In every crisis lies an opportunity. For IT and cybersecurity professionals, this is that opportunity.

Labels: Crowdstrike, Cybersecurity, Cybersecurity Incident