July Risk Roundup: The conundrum of underwriting and protecting your organization’s data

by Stephanie Mangold.
The Risk Roundup is our weekly collection of curated content that relates to all things digital risk management. Members of the Coalition team have pulled together their favorite posts from the week that highlight relevant trends in cybersecurity and cyber insurance. Enjoy our TL;DR and useful snippets on topics we’re keeping a close eye on.

Data is a fundamental component of cybersecurity. The cyber market is tightening as carriers struggle to price their capacity, and organizations question precisely how much risk they have. To mitigate risk, testing and verifying the usability of your backup data is crucial while spotting phishing attempts, an ever-present security threat, may get a little easier, thanks to Google.

1. Don’t wanna pay ransom gangs? Test your backups

Backing up data without testing to make sure you can recover it in a reasonable timeframe, known as recovery time objective or RTO, is virtually a guarantee that you won’t be able to recover before your business goes bust. The period between falling victim to a cyber attack and restoration via backups is known as maximum tolerable downtime or MTD. A simple equation is RTO < MTD, otherwise you’re just wasting money on backups –  Aaron Kraus, Security Engagement Manager

View tweet here

2. Google’s new Gmail security feature could save you from phishing attacks

Verified brand indicators in Gmail solves a ton of phishing issues. Even security pros can be tripped up by a convincing-looking phishing attempt if we’re too busy to do a deep dive on a particular message. –  Aaron Kraus, Security Engagement Manager

View tweet here

3. How the cyber threat landscape is evolving

With the immediate monetization of the crime through the use of ransomware, threat actors don’t need to focus on the sale of high-value personal information anymore. Instead, they can attack any entity with vulnerabilities and receive an immediate reward for their crime, all through ransom. It is no longer just healthcare at risk, every company, in every industry, is susceptible. Catherine Lyle, Head of Claims

View tweet here

4. Cyber-risk data gap threatens insurance offerings

The error in the insurance industry is relying on information that “companies provide to insurance underwriters [which] is often given only verbally during an underwriting meeting.” Our differentiated underwriting capabilities and unique risk management offerings have established us as an industry leader in the cyber insurance market. Coalition focuses on a company’s use of riskier remote connection technologies and unpatched vulnerabilities that we know attackers are targeting. – Catherine Lyle, Head of Claims

View tweet here

If you enjoyed this post be sure to check our blog weekly; the Risk Roundup runs Friday mornings in addition to more enlightening content we post related to the ever-evolving landscape of digital risk. Follow us on Twitter (@SolveCyberRisk) and LinkedIn (Coalition Inc). If you have any suggestions for content that we should be adding to our reading list, let us know!