Cyber Liability Insurance Is in Demand

The average cost of a U.S. company data breach is $9.5 million. That potential exposure is daunting, so in order to attract insurance providers, companies must have their own security plans in place. Without comprehensive cyber protection, they won’t be able to afford – or even qualify for – insurance. By understanding the threats and educating their clients about how to strengthen their security, insurers can protect themselves and grow their businesses.

Cyberattack Insurance Is Evolving

In this young, rapidly changing industry, there is very little standardization among policies. Being able to protect against and prepare for a cyberattack is complex because there are many ways to breach data. Without understanding the breadth of risks, Insureds may not even know what steps they should be taking to make themselves insurable. They may seek guidance from their insurance companies. Accordingly, insurance companies must develop plans to accurately assess and monitor their customers. 

Insurance against a Cyberattack Must Be Proactive

The insured may have a security plan in place, but in the fluid world of ransomware and hackers, that plan will need constant refreshing to ensure it can respond to the latest threats. Insurance companies need to analyze the damage both before and after a cyberattack to understand how to evolve more effective underwriting controls. These policies are not a set-it-and-forget-it product. Insuring against a cyberattack demands constant vigilance, partnerships with data and analytics providers, cybersecurity professionals, and trusted threat detectors.

Preparation for Cyberattacks Must Be Multi-faceted

In providing guidance and oversight to their clients, two of the most important security measures to be considered are a backup and resolution plan and training for employees. According to a piece in The Wall Street Journal, hackers are successful because the human brain is wired to ignore certain warnings, so the human error factor should not be underestimated. 

Insurers will want to verify that there are layers of security controls in place, including endpoint monitoring and response, cloud security and response, multi-factor authentication, and file encryption. Engaging a cybersecurity firm to offer a risk assessment and recommendations before the policy is issued can ameliorate risk.

Find a Trusted Partner

The best way to avoid a cyberattack is to prepare for a cyberattack. By investing in planning and early assessment, insurers can protect themselves and their customers. Staying informed of the latest trends and risks in ransomware is essential. As trusted cybersecurity specialists, Avasek provides their clients with security consulting, vulnerability assessment, and managed detection and response,  all of which will make any organization more attractive to insurers. 

Find out more about how Avasek can assist your operation to protect your data and your bottom line.

The post How to Better Prepare Cyber Insurance Policyholders for Impending Attacks appeared first on Avasek.

Visit here: https://netdiligence.com/conferences/cyber-risk-summit-fort-lauderdale-2023

The post NetDiligence Cyber Risk Summit – Ft. Lauderdale 2023 appeared first on Avasek.

Visit here to learn more: https://netdiligence.com/conferences/cyber-risk-summit-toronto-2023

The post Net Diligence CyberRisk Summit – Toronto 2023 appeared first on Avasek.

Avasek’s Incident Response involves a rapid deployment of its detection resources, secure post-breach restoration, and ongoing, proactive security. They work with insurers, breach coaches, forensic professionals, and direct clients to give their customers the swiftest restoration possible. 

“The NetDiligence® Cyber Risk Summit in Toronto is the perfect place to kick off our expansion,” said Chris Martinez, Director of Operations. “Canada is a big opportunity for us to extend our services to organizations in need of full-service cyber resiliency support.”

The NetDiligence® Cyber Risk Summit provides insights into new trends in the Canadian cyber insurance market. Avasek understands the importance of risk assessment and ongoing multi-level security for companies who are seeking cyber insurance.

“Insurance companies are looking for some measure of confidence when they underwrite,” said David Humphreys, President of Avasek. “The guidance Avasek can provide helps insurers to evaluate potential clients and request changes or upgrades to their cybersecurity.” 

Hosting services are another trusted component of Avasek’s business. Their private cloud hosting means that Avasek can move client systems to its own servers as they rebuild the clients’ environments without risk to forensic evidence.  Their comprehensive approach to Incident Response will make Avasek a valuable resource for Canadian organizations. 

For more information, contact Chris Martinez, Director of Operations, at chris.martinez@avasek.com.

To access the Canadian website, head to https://avasek.ca/.

About Avasek

Our passion for helping clients quickly recover from cyberattacks – and our supportive security capabilities – make Avasek a valued partner for our clients during systems restoration and into the future.  We care beyond the restoration and rebuild of compromised systems by providing secured services to improve cyber resiliency and prevent further attacks going forward. We are committed to ensuring our clients’ platforms remain safe and secure.

The post Avasek Expands, Bringing Their Incident Response Expertise to Canada appeared first on Avasek.

2022 was another busy year for our Incident Response team. Whether it was responding to a breach onsite, or remote restoration, there were some consistencies we found as to how threat actors were able to get in. Here are our findings for what we saw most in 2022. 

Matt Pippin, Director of Incident Response, says the top two causes for compromise in 2022 were not patching or updating systems as well as a lack of user education. Let’s break it down.

Patch Management 

Patch Management is an important part of systems management and involves monitoring systems for updates and installing patches that may change features, correct bugs, and most importantly, fix critical security vulnerabilities. 

Pippin says, “We see servers running Server 2008-2016 that are online and not patched.” Some IT teams may hold off on installing patches and test them to ensure they don’t disrupt critical systems within their environment, but as Pippin emphasizes, not patching systems is usually “due to a lack of IT resources.” In our review of 2022, there were three distinct areas of compromise for unpatched systems. 

Areas of Compromise for Unpatched Systems 

Apache Log4j vulnerability, also known as Log4Shell, is a vulnerability on the Apache Log4j 2 Java Library. It is a Remote Code Execution (RCE) vulnerability that’s been given a threat rating of CVSS-10, which is considered the most critical and rarely assigned to a vulnerability. It is also the top compromise Avasek’s Incident Response Team saw in 2022. Does that mean all Log4j compromises were on unpatched systems? Not necessarily. Four patches have been released since the discovery of the Log4j vulnerability, two of which had vulnerabilities of their own. So, what can businesses and IT teams do to protect themselves from this ongoing, critical security vulnerability? 

“For any system that has the Log4j vulnerability, remove its exposure to the internet,” says Pippin. “If that’s not possible then limit traffic to it from only known and verified good sources. Outside of those things, putting MFA for logins on the system as well as isolation from the main production network will help as well. There are other things that can be done depending on what the system is used for but getting an Avasek Security Assessment would help determine other avenues of protection.” 

George Zilahi, Director of Managed Services, adds, “Make sure Remote Desktop Protocol (RDP) is not publicly accessible. It should only be behind a VPN or inside the network. Vulnerability assessments should also be done regularly.” This leads us to the other top two areas of compromise we saw in 2022 for unpatched and updated systems: Exchange servers and firewalls. Even if IT resources are minimal, keeping an eye out for critical system patches and updates, and most importantly installing them, can help reduce your company’s chance of compromise. 

User Error Can Leave Your Organization Vulnerable 

Now let’s turn to the other top cause of compromise we saw in 2022, which is lack of user education. More specifically, lack of security awareness education. Phishing, as defined by NIST, is “A technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.” But not all phishing attacks are the same, and from what Avasek’s Incident Response team saw in 2022, spear phishing attacks took the top spot.

You might be asking, “What’s the difference between phishing and spear phishing?” Phishing broadly describes an attack that’s designed to get someone to take action, like clicking a link in a mass spam email. Spear phishing is simply a targeted phishing attack. The cybercriminal, for example, may be looking for specific information that only one or two individuals at an organization have. They then use techniques like social engineering to gain that individual’s trust to get the desired information, which in turn, is used to execute the cyberattack. 

It should come as no surprise to anyone that phishing attacks are not going away anytime soon. In fact, they’re increasing day-by-day. Messaging security company, SlashNext, conducted a study analyzing “billions of link-based URLs, attachments, and natural language messages in email, mobile and browser channels over six months in 2022 and found more than 255 million attacks – a 61% increase in the rate of phishing attacks compared to 2021.” Additionally, global technology company, Acronis, says that the average cost per data breach could reach more than $5 million in 2023. 

Educating your employees on security awareness and what to watch out for is a vital step in protecting your company from these types of attacks. Training company, KnowB4, notes that, “Old-school awareness training does not work anymore, and email filters have an average 7-10% failure rate.” Regular monthly simulated phishing attacks, in addition to continued education, can help dramatically reduce a company’s phishing risk. 

Final Thoughts

While this is not an all-inclusive list of every top compromise in 2022, we thought it best to share what our team saw most over the past year, along with some insights to help you, your company, and employees stay secure.

Contact us for more information on a security assessment or to learn how Avasek can help protect your organization.

The post The Top Causes of Cyberattacks in 2022— according to Incident Response Professionals appeared first on Avasek.

With this in mind, here’s what you need to know about protecting your organization when it comes to SaaS platforms.

Understanding the Shared Responsibility Model

Perhaps the most important thing to remember when using SaaS tools is that many providers operate on the Shared Responsibility Model (SRM). As the name suggests, SRM puts an onus on both the software provider and the end-user to maintain good security and robust data handling practices.

An example of SRM in action would be Google scanning a file for known vulnerabilities as it is uploaded to a company’s Google Drive folder by a Workplace user. When that file is later downloaded by another user, Google may check it again for malicious code, but it is also the responsibility of a company to run its own security examination, making sure the file is safe to run on its network.

Likewise, a company is responsible for how Microsoft 365 interfaces with other tools it uses. Incompatibility issues that could threaten the integrity of key files or programs should therefore be reported back to the SaaS provider so that those issues may be addressed.

While SRM is a good practice in the world of SaaS tools, errors will inevitably occur. According to a survey by the Cloud Security Alliance, 43% of organizations have experienced at least one security incident or malfunction linked to SaaS misconfiguration. 

Ransomware attacks are on the rise

Even in the most rigorously maintained SaaS environments, security lapses happen. It only takes one employee to mistakenly click a link from a spoofed email address, and before they realize it, ransomware is spreading like wildfire throughout the company, locking up vital data.

Profit-driven malicious attacks are a big business for the bad guys. As reported by InfoSecurity, ransomware attacks are on track to cost global businesses more than $30 billion in 2022, with some expecting that figure to climb as high as $265 billion by 2031. With more and more SaaS platforms making their way into organizations, the surface area for ransomware attacks is growing exponentially.

Accidental file deletion is a frequent problem

Theft is not the only threat to information hosted on SaaS platforms; user error is also a major risk. Both Google Workspace and Microsoft 365 have data retention settings, allowing administrators a level of control over the time that files are held on cloud-based servers. But should those rules be misaligned, then important data can be scrubbed.

A 2016 questionnaire of over 1,000 IT professionals in the U.S. and the U.K. found inadvertent deletion was the principal cause of data loss on SaaS networks. The study – carried out by EMC’s Spanning –  also found many companies mistakenly believed SaaS providers are primarily responsible for recovering data lost by users. Once again, SRM plays a significant role in data management.

Avasek SaaS Protection provides a 1-click backup solution

The most important aspect of any data recovery planning is to make sure you have adequately backed up your information before anything bad can happen. This is why Avasek has partnered with widely-trusted data backup operator Datto to provide institutions with a backup and recovery solution that works inside of Google Workspace and Microsoft 365.

For a low cost per license, Avasek’s SaaS Protection automatically backs up files three times a day, ensuring you always have a fresh copy of your important data. Avasek’s flexible data retention rules allow you to decide what is kept and for how long. And should the worst happen, our 1-click recovery solution ensures you can get information back, all in a non-destructive manner.

So whether it’s emails to your customers, or spreadsheets from your clients, Avasek’s SaaS Protection is always backing up your information, making sure it’s only a click away should the worst happen. 

The post SaaS Protection with 1-Click Backup: How to Safeguard your Business from Data Loss appeared first on Avasek.

This year’s theme is “It’s easy to stay safe online,” which reminds users that there are plenty of simple ways to protect your personal information and secure private data when using the internet. 

What is cybersecurity, and why is it important?

Cybersecurity is the practice of safeguarding and restoring data from devices, programs, or networks. Cybercriminals can steal all sorts of data, including, but not limited to: health records, personal data, or intellectual property. 

In a digital age, we have significantly increased our use of tech and cloud-based services, which means our data is now at greater risk of being hacked now more than ever. Now more than ever, be aware of what information you share with others and how that information is distributed.

What are the most common cybersecurity threats?

Potential risks to cybersecurity come in a wide variety of forms. If you don’t employ the greatest cybersecurity measures, each of these dangers has the potential to result in a data breach.

Lack of attention to cybersecurity can harm your organization in a variety of ways, such as:

• Ransomware: Is a kind of malware that restricts users’ access to their computer systems or personal files and demands ransom money to allow users to access again.

• Malware: Malware is software created explicitly to interfere with, harm, or gain unauthorized access to a computer system.

• Denial of service: A Denial-of-Service (DoS) attack aims to bring down a computer system or network so its intended users cannot access it. DoS attacks do this by providing information that causes crashes or flooding the target with traffic.

• Phishing:  Hackers employ this method to send phony emails or messages that seem to be from a reliable source. Cybercriminals can create these messages or emails by impersonating individuals you know, such as friends, coworkers, or other reputable businesses. 

How can you defend your business against cybercrime?

You can boost security and lower the danger of cybercrime by implementing the following practices within your organization:

• Educate your staff – Inform your staff members of good cybersecurity practices when creating platforms for work resources, including company emails, computer logins, or data transfers within your organization. 

• Secure your devices – Your company’s information and valuable data might be at risk for possible data breaches if your company devices are left unattended, misplaced, or stolen. 

• Update your devices regularly – Always check to ensure that your devices have the latest software when prompted to make the updates when the updates indicate bugs or security-specific updates. This will significantly lower the chances of your devices being hacked.

• Build up your resource library – To give your team additional resources, we recommend you check out some of our blogs, including: What is Ransomware? What can you do to protect yourself?, 5 Basic Network Security Tips for Small Businesses, and The Life of a Phish.

• Act swiftly in case of a breach – Suppose you sense that your organization may have been hacked, contact Avasek’s Incident Response team for help with mitigating the damage to your organization, your customers, and your reputation.

• Become cyber resilient – Your data’s security is essential, which means that you need to have the right security systems in place to defend your organization against future attacks before they happen. Contact us today to learn more about how Avasek can help make your organization cyber resilient.

The post Is your organization’s data protected from potential cybersecurity threats? appeared first on Avasek.

Join Avasek at the event, and enjoy a full day of in-person learning, networking, and business discussion.

For more information, please visit 2022 Cyber Risk Insights Conference – New York.

WHEN: October 25, 2022 | New York Marriott Marquis

The post 2022 Cyber Risk Insights Conference – New York appeared first on Avasek.

For more information, please visit: https://www.crowdstrike.com/events/fal-con/

WHEN: September 19 – 21, 2022 | Aria Resort & Casino, Las Vegas

The post Fal.Con 2022 appeared first on Avasek.

For more information, please visit: https://www.dattocon.com/

WHEN: September 13th, 2022 | Washington, D.C

The post DattoCon appeared first on Avasek.