{"id":19053,"date":"2022-05-16T05:20:59","date_gmt":"2022-05-16T13:20:59","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/05\/16\/news-12786\/"},"modified":"2022-05-16T05:20:59","modified_gmt":"2022-05-16T13:20:59","slug":"news-12786","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/05\/16\/news-12786\/","title":{"rendered":"Cyber insurance: there\u2019s bad news and there\u2019s good news"},"content":{"rendered":"<p><strong>Credit to Author: Doug Aamoth| Date: Mon, 16 May 2022 08:46:37 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\" width=\"100%\" height=\"420\">\n<div style=\"padding: 56.25% 0 0 0; position: relative;\"><iframe loading=\"lazy\" style=\"\" src=\"https:\/\/player.vimeo.com\/video\/708814066?h=70c41be6f9&amp;byline=0&amp;portrait=0\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\" width=\"100%\" height=\"420\"><\/iframe><\/div>\n<p><script src=\"https:\/\/player.vimeo.com\/api\/player.js\"><\/script><\/p>\n<p><a href=\"https:\/\/www.sophos.com\/en-us\/whitepaper\/cyber-insurance-2022\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright wp-image-84479\" style=\"border: 1px solid silver;\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Insurance.png?w=239\" alt=\"\" width=\"200\" height=\"251\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Insurance.png 551w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Insurance.png?resize=239,300 239w\" sizes=\"auto, (max-width: 200px) 100vw, 200px\" \/><\/a>Earlier this year, we asked 5,600 IT professionals about their experiences with cyber insurance.<\/p>\n<p>The results are mixed, but the key takeaways are that cyber insurance is becoming harder and more expensive to get due in part to an increase in attacks. However, it&#8217;s meant that in order to get cyber insurance, companies are required to have solid protections in place, which means that overall defenses have improved.<\/p>\n<p>Here&#8217;s a closer look at some of the data. You can <a href=\"https:\/\/www.sophos.com\/en-us\/whitepaper\/cyber-insurance-2022\" target=\"_blank\" rel=\"noopener\">download the full report here<\/a>.<\/p>\n<h2>The bad news<\/h2>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"alignright wp-image-84483 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/bad-news-e1652109717727.png\" alt=\"\" width=\"252\" height=\"820\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/bad-news-e1652109717727.png 252w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/bad-news-e1652109717727.png?resize=92,300 92w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\" \/>For starters, the overall threat environment is more challenging than ever. Over the last year, companies have been dealing with the following:<\/p>\n<ul>\n<li>A 57% increase in the volume of attack<\/li>\n<li>A 59% increase in the complexity of attacks<\/li>\n<li>A 53% increase in the impact of attacks<\/li>\n<\/ul>\n<p>And when it comes to ransomware, things are getting worse. When asked if they&#8217;d been hit by ransomware in the last year, 66% of respondents said yes &#8211; up from 37% when we asked the same question last year.<\/p>\n<p>What&#8217;s more, the average ransomware payment is now north of $800,000 whereas last year it was around $170,000.<\/p>\n<p>Here&#8217;s what that means when it comes to trying to get cyber insurance in 2022. Our respondents reported the following:<\/p>\n<ul>\n<li>54% said the level of cybersecurity they need to qualify is now higher<\/li>\n<li>47% said policies are now more complex<\/li>\n<li>40% said fewer companies offer cyber insurance<\/li>\n<li>37% said the process takes longer<\/li>\n<li>34% said it is more expensive<\/li>\n<\/ul>\n<p>So: more frequent, more complex, more impactful attacks and fewer companies offering harder to get policies that are more expensive. Time for some good news, right?<\/p>\n<h2>The good news<\/h2>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"alignright wp-image-84486 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/good-news-e1652109895677.png\" alt=\"\" width=\"251\" height=\"499\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/good-news-e1652109895677.png 251w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/good-news-e1652109895677.png?resize=151,300 151w\" sizes=\"auto, (max-width: 251px) 100vw, 251px\" \/>All the bad news listed above has become a forcing factor toward better security. The data indicates that 97% of those surveyed reported making changes to their defenses in order to secure insurance.<\/p>\n<p>Of those who made changes&#8230;<\/p>\n<ul>\n<li>64% have implemented new technologies and services<\/li>\n<li>56% have increased staff training and education activities<\/li>\n<li>52% have changed processes and behaviors<\/li>\n<\/ul>\n<p>The other good news is that if you&#8217;re able to secure cyber insurance, it appears to be a worthwhile investment: 98% of respondents indicated that cyber insurance that included ransomware coverage paid out on related claims. Actual ransom payments were down as well, from 44% in 2019 to 40% in 2021.<\/p>\n<h2>More good news: we can help<\/h2>\n<p>The first step toward getting cyber insurance: make sure you can get cyber insurance. According to leading cyber insurance broker Marsh McLennan Agency, the following security controls are must-haves&#8230;<\/p>\n<ul>\n<li>Multifactor authentication for remote access and privileged controls<a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright wp-image-84523\" style=\"border: 1px solid silver;\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png?w=640\" alt=\"\" width=\"400\" height=\"225\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png 3000w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png?resize=300,169 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png?resize=768,432 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png?resize=1024,576 1024w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png?resize=1536,864 1536w, https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/Cyber-Controls-Required-for-Insurance-Marsh-McLennan-Agency.png?resize=2048,1152 2048w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><\/a><\/li>\n<li>Endpoint detection and response (EDR)<\/li>\n<li>Secure, encrypted, and tested backups<\/li>\n<li>Privileged access management (PAM)<\/li>\n<li>Email filtering and web security<\/li>\n<\/ul>\n<p>&#8230;while the following seven controls are desirable as well:<\/p>\n<ul>\n<li>Cyber incident response planning and testing<\/li>\n<li>Cybersecurity awareness training and phishing testing<\/li>\n<li>Hardening techniques, including Remote Desktop Protocol (RDP) mitigation<\/li>\n<li>Logging and monitoring\/network protections<\/li>\n<li>End-of-life systems replaced or protected<\/li>\n<li>Vendor\/digital supply chain risk management<\/li>\n<\/ul>\n<p>Fortunately, the <u><a class=\"PrimaryLink BaseLink\" href=\"http:\/\/sophos.com\/MTR\" target=\"_blank\" rel=\"noreferrer noopener\">Sophos Managed Threat Response<\/a><\/u> (MTR) service enables you to achieve many of these controls with single solution.<\/p>\n<div style=\"padding: 56.25% 0 0 0; position: relative;\"><iframe loading=\"lazy\" style=\"\" src=\"https:\/\/player.vimeo.com\/video\/499349873?h=4fae132a43&amp;byline=0&amp;portrait=0\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\" width=\"100%\" height=\"420\"><\/iframe><\/div>\n<p><script src=\"https:\/\/player.vimeo.com\/api\/player.js\"><\/script><br \/> With Sophos MTR, you get our 24\/7 threat hunting and response service, our powerful extended detection and response (XDR) tool, and Sophos&#8217; world-class endpoint protection. Together they tick many of the cyber control boxes:<\/p>\n<ul>\n<li><b>Endpoint detection and response (EDR).<\/b> Sophos MTR advanced gives you Sophos\u2019 world-leading endpoint and workload protection to stop cyber attacks before they can run, together with 24\/7 threat hunting, investigation, and response delivered by Sophos&#8217; team of threat experts \u2013 to detect and stop human-led attacks. Should you wish to do the threat hunting yourself, you can do it with our XDR solution.<\/li>\n<li><b>Web security. <\/b>Protects against malicious downloads and suspicious payloads delivered via browsers. Control features enable administrators to warn or block websites based on their category, block risky file types, and apply data leakage controls against web-based email and file sharing. Web Control for Cloud Workload environments secures data when users access virtual desktops that don\u2019t sit behind a traditional web gateway.<\/li>\n<li><b>Privileged Access Management (PAM).<\/b> Sophos XDR records all user activity, including authentication and Microsoft 365 audit logs to show changes to privilege settings. Also includes access to the Windows logs from the device and domain controller to see Windows events. It complements and enhances dedicated PAM solutions. Sophos Endpoint protection prevents attempts to harvest or steal user credentials directly from memory.<\/li>\n<li><b>Cyber incident response planning and testing<\/b>. Sophos MTR provides 24\/7 threat hunting, detection, and response delivered by an expert team as a fully-managed service. It includes unlimited incident response cover, so if you experience an event, our team of expert responders will step in and address it &#8211; at no extra cost.<\/li>\n<li><b>Hardening techniques, including remote desktop protocol mitigations<\/b>. Sophos XDR enables you to identify when RDP has been used. Remote terminal allows administrators to enable and disable RDP policy. It also provides visibility into the RDP policy on all managed devices and detect changes to it.<\/li>\n<li><b>End of life systems replaced or protected<\/b>. Sophos XDR identifies outdated and unsupported software and systems.<\/li>\n<li><b>Patch management and vulnerability management<\/b>. Sophos XDR provides access to all applications on the device, version info, SHA256, patch info and their logs, including the application execution history, network connections, parent\/child processes, and more. It also includes queries to check installed applications against online vulnerability information, and queries to identify security posture weaknesses in registry settings.<\/li>\n<\/ul>\n<p>And that&#8217;s just with one service! We&#8217;ve also got network protection with <a href=\"https:\/\/www.sophos.com\/en-us\/products\/next-gen-firewall\" target=\"_blank\" rel=\"noopener\">Sophos Firewall<\/a>, advanced filtering and business email compromise (BEC) protection with <a href=\"https:\/\/www.sophos.com\/en-us\/products\/sophos-email\" target=\"_blank\" rel=\"noopener\">Sophos Email<\/a>, phishing testing and training with <a href=\"https:\/\/www.sophos.com\/en-us\/products\/phish-threat\" target=\"_blank\" rel=\"noopener\">Sophos Phish Threat<\/a>, and <a href=\"https:\/\/www.sophos.com\/en-us\/products\" target=\"_blank\" rel=\"noopener\">several other products and services.<\/a><\/p>\n<p>Visit <a href=\"https:\/\/www.sophos.com\/\" target=\"_blank\" rel=\"noopener\">Sophos.com<\/a> to learn more and click here to read the report: <a href=\"https:\/\/www.sophos.com\/en-us\/whitepaper\/cyber-insurance-2022\" target=\"_blank\" rel=\"noopener\">Cyber Insurance 2022: Reality from the Infosec Frontline<\/a><\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2022\/05\/16\/cyber-insurance-theres-bad-news-and-theres-good-news\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/05\/shutterstock_1674700516.png\"\/><\/p>\n<p><strong>Credit to Author: Doug Aamoth| Date: Mon, 16 May 2022 08:46:37 +0000<\/strong><\/p>\n<p>The threat environment is more challenging than ever. Here&#8217;s what it takes to get cyber insurance in 2022.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[22869,23925,24562],"class_list":["post-19053","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-cyber-insurance","tag-mtr","tag-products-services"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19053","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19053"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19053\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19053"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19053"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19053"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}