04.27.21
Nathan Smolenski

Corvus vCISO is here: meet your clients’ new (virtual) cybersecurity pro

 

vciso blog graphic

Corvus was founded on the idea of building a safer world. While we’ve pursued a number of initiatives to further our mission over time, the heart of our efforts remains the education and personalized data we provide brokers and policyholders to reduce cyber risk.  

From the very first Smart Cyber Insurance policy, we’ve offered IT security reports that provide scores, benchmarking and recommendations. Over time we’ve refined and added to these reports based on the findings of our data science team — additions that include pre-filled risk calculators, a ransomware risk score and more. 

Today we’re announcing an exciting new phase in our risk mitigation efforts at Corvus: the vCISO experience for policyholders. 

What is vCISO?

vCISO is a dynamic view of cybersecurity recommendations that have been consolidated from multiple sources. Every policyholder now has a vCISO tab in their Policyholder Dashboard. There, they’ll see recommendations sourced from:  

  • The Dynamic Loss Prevention Report — the output of our proprietary IT security scan that locates vulnerabilities by looking at an organization’s IT system from the outside-in (refreshed quarterly, at minimum)
  • Cybersecurity Alerts — dynamically updated alerts regarding recent, severe cybersecurity issues
  • The vCISO Assessment — a review of security policies and programs at the policyholder’s organization (recently launched along with the vCISO experience)

 

Each recommendation contains specifics about what Corvus found, what steps policyholders should take next, and links to further resources developed by our Risk & Response team. It will also mention if there are any Risk & Response services (complimentary or reduced cost benefits for policyholders) that will help with the particular issue at hand.  

Learn all about vCISO in our next webinar, May 18th! Register today.

Upon viewing the vCISO tab, some recommendations may show as “locked” if the policyholder has not yet filled out the vCISO Assessment. This series of questions takes only a few minutes; anything that’s unknown may be left blank and returned to later. The vCISO tab will automatically update with the results from the assessment once it’s complete.

As a policyholder’s IT team or provider works through the vCISO’s list of recommendations, they may mark each complete to remove it from the priority list. The actions found in vCISO potentially improve the policyholder’s Corvus Score, placing them in a better position upon renewal of the policy. And most importantly, they will make the policyholder’s organization safer. 

Why did we build vCISO?

We’ve had the honor of helping countless policyholders discover previously unknown vulnerabilities with the help of our Dynamic Loss Prevention reports. But when it comes to prioritization, a few missing pieces of the puzzle could often hinder the delivery of complete information that a policyholder needs.  

Especially when it came to internal policies and practices — whether an organization performs regular phishing tests on its employees, for instance — we often gathered information via direct conversations with policyholders, and provided on-the-fly adjustments to our recommended steps based on what we learned from them. While this was effective, it wasn’t always fast, and made it difficult for policyholders to get a full picture of their security in one place that they could reference again and again.  

Now, a policyholder can find the most up to date (and complete!) information available about their security posture with just a few clicks. vCISO automatically updates based on new DLP reports (re-scanned each quarter), new alerts added by the Risk & Response team, or changes to the Assessment answers.

Hands-on help

The personal touch of Corvus’s Risk & Response team isn’t going away. Far from it. With vCISO, discussions with policyholders are more productive. Rather than going through a series of basic questions over the phone or email, our experts jump straight into the good stuff: reviewing recommendations and providing any additional insights and detail needed to make sure that policyholders are equipped to take action. Access to the team, as always, is available directly from the platform or by email.  

Next steps for brokers

See a quick preview of what’s available with vCISO in the video below or click here for our deep dive for policyholders in our Knowledge Nest. 

If you'd like to see a full breakdown of vCISO from Lauren Winchester, VP of Smart Breach Response, and me, Nate Smolenski, join us May 18th for our next free webinar - sign up here! 

Listen In: Corvus Founder on Growing an Insurtech & More Insights

Corvus Founder and CEO Phil Edmundson sat down (virtually) with VentureFizz to discuss his business beginnings, innovation in insurance, and what makes Corvus successful. If you’re looking to hear more on all those topics, plus paper route nostalgia, the early pitfalls of cyber insurance, and where insurtech can go from here, listen to the full podcast on VentureFizz.com. 

Mitigating Vendor Risk: Three Steps to Protect Your Organization

On Thursday April 15th, our VP of Smart Breach Response Lauren Winchester participated in a webinar with Jennifer A. Beckage, Esq., CIPP/US, CIPP/E, Managing Director and Daniel P. Greene of Beckage, a full-service tech firm to provide methods to reduce organizational risk. You can read our favorite takeaways below and watch the full webinar here