• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

Terry Davis / June 24, 2022

Cyber Insurance is NOT Cyber Security

Have you ever thought that as long as you have car insurance that it was okay to drive drunk? Or have you ever thought that as long as you have homeowners insurance it’s okay to start a bonfire in your basement? If you have a car accident or your house burns down, your insurance will pay, right? Of course not!
So then why would you think that as long as you have cyber insurance you don’t have to protect your system? You do!
If you were one of the early cyber insurance policyholders, you likely only had to answer a handful of questions and were guaranteed a policy at a very reasonable rate. Now, however, if you try to renew or obtain a policy for the first time, you may have to answer a questionnaire of up to 300 questions and are not guaranteed to be able to obtain the policy/renewal…and if you do get the policy, it will be quite a bit more expensive.
The primary reason for this increasing difficulty and cost is the ever-increasing threats.
If you own a modest one-story home in a quiet neighborhood at the end of a cul-de-sac that is not in a hurricane, tornado, wildfire, or earthquake zone with a low crime rate, your homeowner’s insurance will be much less than if you owned a 3,000 square-foot, state-of-the-art, high-tech beach house on the coast of Florida. More threats, more risk.
Additionally, when you initially obtain a cyber insurance policy, the requirements to maintain a strong cyber security posture will increase over time as the threat increases. The insurance companies must take this into account. You may be safe today but if you don’t sustain good cyber hygiene and patch frequently, you will be more at risk later.
Similar to car insurance companies that allow customers to opt-in to monitoring in order to have decreased premiums, cyber insurance providers may allow for monitoring by the insurance companies to maintain lower premiums.
This monitoring is one of the many, and one of the critical, tools that a cyber security firm can provide in addition to the other measures they can provide to help protect your network and foster a mature cyber security environment.
Some industries are already seeing cyber insurance policy providers teaming up with cyber security firms to help their clients be better situated to prevent, detect, respond and recover from an attack which would, in turn, mean a less costly claim.
One thing that cyber insurers want their clients to understand is that cyber insurance is NOT a defense. It should only be part of their mitigation or support for if and when an attack happens. Car insurance will not keep you from having an accident but it will help to restore or replace your vehicle if you are in an accident and get you back on the road quicker than if you didn’t have insurance.
While different cyber insurance providers require different security measures to be in place in order to be covered, the one that almost all requires is that their clients use multi-factor authentication. Additionally, if you are using a cyber security specialist or consultant, they can help you implement the measures that an insurance provider requires and attain coverage.
Bottom line…cyber insurance is NOT a substitute for cyber security. They go hand in hand to protect you and help you stay in business and operational.
CYBER NEWS
Your email is a major source of security risks and it’s getting worse
Your email is a major source of security risks and it’s getting worse
Criminals still like using email to phish credentials but ransomware delivered by email has tapered off.
www.zdnet.com • Share
Only 8% of C-suite executives use MFA across a majority of apps, devices
Only 8% of C-suite executives use MFA across a majority of apps, devices
BlackCloak points out that organizations need to do a better job protecting their top executives: some 87% of executives use passwords that have been leaked on the dark web.
www.scmagazine.com • Share
Ukrainian cybersecurity officials disclose two new hacking campaigns
Ukrainian cybersecurity officials disclose two new hacking campaigns
Both efforts relied on malicious documents, officials said.
www.cyberscoop.com • Share
Microsoft: Ransomware gangs are using unpatched Exchange servers to gain access, so get updating
Microsoft: Ransomware gangs are using unpatched Exchange servers to gain access, so get updating
Microsoft says customers should ensure their Exchange server patches are up to date to prevent cyber criminals from deploying BlackCat ransomware.
www.zdnet.com • Share
TIP OF THE WEEK
Summer Travel Cyber Security Tips
“Summer Vacation.” I’ve heard this term before but can’t clearly recall what it means.
Isn’t that something we use to do in the year BC (Before COVID)?
Well, if you’re one of the lucky ones planning that family vacay to Disney, the beach, or the mountains this summer, here are some tips to keep you #CyberSafe:
Be cautious when using public WiFi. If you connect to an airport or hotel guest network, be sure it is the actual official guest WiFi and not a fake setup to steal your login information.
Do not allow your device to auto-connect to detected networks
Don’t access your bank account or credit card account from a public WiFi
Remember to use MFA whenever possible
Do not use USB ports to charge your device. Charge with your own cords and plug directly into a power outlet.
Keep a close eye on your devices in public. Pickpockets are sneaky.
Ensure your device is locked with a code or biometric
Be wary of travel text updates. Some scams include phishing texts that purport to be from an airline or TSA requiring you to renew your PreCheck but it is only a scam to steal your payment information. Always go directly to the TSA, airline, or credit card website. Do not click a link you receive via message.
Use a good, reliable security app such as Lookout (for iOS and Android). You can sign up for a month and it will help protect you from scams.
Try not to alert strangers to the fact that you are not at home. Don’t post about how you’re excited that your trip to Hawaii is June 23-30. Don’t post photos while you are away. Wait until you return to post them to make us all jealous of the luau you went to. ALOHA!
Safe Travels!
VOCABULARY WORD
Breach: The instant when a cyber attacker is able to exploit a vulnerability in your device to gain access to your data and network.
CYBER HUMOR

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT