04.27.21
Jason Rebholz

Corvus vCISO: Your Clients’ New (Virtual) Cybersecurity Pro

 

[DIAGRAM] Corvus vCISO: Your Clients’ New (Virtual) Cybersecurity Pro

Today we’re announcing an exciting new phase in our risk mitigation efforts at Corvus: the vCISO experience for policyholders. 

Corvus was founded on the idea of building a safer world. While we’ve pursued a number of initiatives to further our mission over time, the heart of our efforts remains the education and personalized data we provide brokers and policyholders to reduce cyber risk.  

From the very first Smart Cyber Insurance policy, we’ve offered IT security reports that provide scores, benchmarking, and recommendations. Over time we’ve refined and added to these reports based on the findings of our data science team — additions that include pre-filled risk calculators, a ransomware risk score, and more. 

Today we’re announcing an exciting new phase in our risk mitigation efforts at Corvus: the vCISO experience for policyholders. 

What is vCISO?

vCISO (Virtual Chief Information Security Officer) is a dynamic view of cybersecurity risk management and recommendations that have been consolidated from multiple sources. Every policyholder now has a vCISO tab in their Policyholder Dashboard. There, they’ll see recommendations sourced from:  

  • The Dynamic Loss Prevention Report

    • The output of our proprietary IT security scan that locates cyber vulnerabilities by looking at an organization’s IT system from the outside-in (refreshed quarterly, at minimum)

  • Cybersecurity Alerts

    • Dynamically updated alerts regarding recent, severe cybersecurity issues

  • The vCISO Assessment

    • A review of security policies and programs at the policyholder’s organization (recently launched along with the vCISO experience)

[DIAGRAM] vCISO Policyholder Dashboard

 

Each recommendation contains specifics about what Corvus found, what steps policyholders should take next to mitigate risk, and links to further resources developed by our Risk & Response team. It will also mention if there are any Risk & Response services (complimentary or reduced-cost benefits for policyholders) that will help with the particular issue at hand.  

Upon viewing the vCISO tab, some recommendations may show as “locked” if the policyholder has not yet filled out the vCISO Assessment. This series of questions takes only a few minutes; anything that’s unknown may be left blank and returned to later. The vCISO tab will automatically update with the results from the assessment once it’s complete.

[DIAGRAM] vCISO Policyholder Dashboard - Recommendations

As a policyholder’s IT team or provider works through the vCISO’s list of recommendations, they may mark each complete to remove it from the priority list. The actions found in vCISO potentially improve the policyholder’s Corvus Score, placing them in a better position upon renewal of their cyber insurance policy. And most importantly, they will make the policyholder’s organization safer. 

[DIAGRAM] vCISO Policyholder Dashboard - No Action Needed Items

Why Did We Build vCISO?

We’ve had the honor of helping countless policyholders discover previously unknown vulnerabilities with the help of our Dynamic Loss Prevention reports. But when it comes to prioritization, a few missing pieces of the puzzle could often hinder the delivery of complete information that a policyholder needs.  

Especially when it came to internal policies and practices — whether an organization performs regular phishing awareness tests on its employees, for instance — we often gathered information via direct conversations with policyholders and provided on-the-fly adjustments to our recommended steps based on what we learned from them. While this was effective, it wasn’t always fast and made it difficult for policyholders to get a full picture of their security in one place that they could reference again and again.  

Now, a policyholder can find the most up-to-date (and complete!) information available about their cybersecurity posture with just a few clicks. vCISO automatically updates based on new DLP reports (re-scanned each quarter), new alerts added by the Risk & Response team, or changes to the Assessment answers.

Hands-on Help

The personal touch of Corvus’s Risk & Response team isn’t going away. Far from it. With vCISO, discussions with policyholders are more productive. Rather than going through a series of basic questions over the phone or email, our experts jump straight into the good stuff: reviewing recommendations, explaining risk scores, and providing any additional insights and detail needed to make sure that policyholders are equipped to take action. Access to the team, as always, is available directly from the platform or by email.  

[DIAGRAM] vCISO Policyholder Dashboard - Help Section

Next Steps for Brokers

See a quick preview of what’s available with vCISO in the video below or click here for our deep dive for policyholders in our Knowledge Nest. 

If you'd like to see a full breakdown of vCISO from Lauren Winchester, VP of Smart Breach Response, stream the on-demand recording here!

 

[RELATED POST] Common Cyber Myths, Debunked

Common Cyber Myths, Debunked

When cybersecurity (tech-oriented) and insurance (complicated) meet, there’s bound to be some misconceptions. The mixing of two worlds invites some confusion, so we’re welcoming you to our judgment-free zone. We’ll get straight to the point by debunking some common myths we’ve seen or heard first-hand circulating about cyber insurance.

[RELATED POST] Talk the Talk: Cyber Insurance Terminology Guide

Talk the Talk: Cyber Insurance Terminology Guide

Talk our talk, then walk the walk. For even the savviest agents, business insurance can be complicated. Add in the fast-paced, frequently evolving risks of cyber, and you’ve got a recipe full of tech-oriented terms that aren’t always forgiving to beginners, policyholders, or even seasoned pros.