34231 WhyCyberInsuranceShouldbeYourSOCsNewBestFriend v2

Security

Cyber insurance is a crucial component of a company's risk management strategy, providing security, funding for incident response, and financial protection against rising threats like ransomware and funds transfer fraud.

Key takeaways
  • Loss prevention is key, not just figuring out how much to pay after a loss.
  • Threat actors are getting better at their job, making it harder to prevent attacks.
  • Cyber insurance should be a key part of a company’s risk management strategy.
  • Ransomware is on the rise, with a 10% increase in 2022 and expected to continue growing in 2023.
  • Funds transfer fraud is another type of attack that is becoming more common and lucrative.
  • Companies need to educate their employees on how to prevent attacks, including using MFA and being cautious with email.
  • Having a cyber insurance policy in place can help prevent losses by providing a sense of security and allowing companies to focus on recovery.
  • Insurance companies need to adapt to the changing threat landscape and provide coverage that takes into account the latest threats and tactics.
  • Data sharing between companies and insurance providers can help identify patterns and trends in attacks.
  • Companies should have a clear plan in place for responding to an attack, including identifying the right people to contact and having a breach coach on hand.
  • Cyber insurance can help companies recover from attacks by providing funding for incident response and restoration.
  • Insurance companies need to provide clear and transparent coverage options to companies, including information on what is covered and what is not.
  • Companies should regularly review their insurance policies to ensure they are adequate and aligned with their risk profile.
  • Having a strong security posture, including regular software updates and security training for employees, can help prevent attacks and reduce the risk of losses.
  • Cyber insurance can help companies transfer risk and reduce the financial impact of an attack.
  • Companies should consider using tabletop exercises to test their incident response plans and identify areas for improvement.

More talks

Pierre Ducroquet Multi tenant database the good, the bad, the ugly

Machine Learning for Autonomous Vehicles • Oscar Beijbom & Prayson Daniel

Hugo Bowne-Anderson - Full-stack Machine Learning and Generative AI for Data Scientists

Shuffle Up and Deal: Analyzing the Security of Automated Card Shufflers

Adam Hopkins - Overcoming access control in web APIs

One Auth to Rule them All: Centralizing Authentication with Azure and API Gateway by F.Karailanidis

How practical is “DevSecOps” really? – A field report | Maximiliane Zirm

The Living Dead: Hacking Mobile Face Recognition SDKs with Non-Deepfake Attacks