12 November 2019
Corvus Team

The 3 Most Common Cybersecurity Gaps Your Clients May Face

We regularly hear stories from brokers about their clients fixing vulnerabilities based on information from the Corvus DLP Report. Here are the top 3 we hear are being addressed.

Cyber Security Awareness Month is coming to a close. But at Corvus, we consider helping insureds defend against bad actors in the cyber world to be a year-round job. We hear it from our partner brokers and their clients, too: in a risk environment that is constantly evolving, it’s not enough just to transfer risk through insurance products — policyholders must proactively evaluate and address cybersecurity weaknesses. 

In honor of Cyber Security Awareness Month, we are sharing the three most common security gaps our policyholders have identified and addressed based on the Corvus Scan.

But first, how do we get this information? As we run tests on the web-facing assets of our policyholders with the Corvus Scan, we form a view of the cybersecurity posture of their organization and prioritize recommendations on how to shore up any cyber weaknesses. We share this information with both brokers and policyholders in the form of a Dynamic Loss Prevention (DLP) Report, delivered upon the start of a policy and quarterly thereafter.

We regularly hear from brokers that the DLP has helped their clients correct issues, reducing the risk of attack for insureds. Today we’re sharing a few of those examples from our policyholders, drawn from the most common cybersecurity concerns we see.

3. Email Authentication

Email authentication is a technical means of verifying that the sender of an email is who they claim to be. The value of having this enabled through your email provider cannot be overstated, as phishing attempts are on the rise (in 2018, 83% of people worldwide received phishing attacks) and are considered to be the most common of all cyber attack methods.

This is one of the simplest pieces of information that the scan identifies, but it’s also one of the most commonly addressed by our policyholders. In a recent example, one of the many small/medium-sized municipal governments to which Corvus provides Cyber coverage reached out to us upon receiving their first quarterly DLP Report. The report noted that the email authentication feature had not been enabled on their email server, opening them up to potential risk. After correcting the issue, the municipality offered additional training to employees, focused on defending against phishing and hacking attempts.

2. End-Of-Life Software

End-of-life software is simply a software program or service that is no longer updated and/or supported by its producer. This software lifecycle stage often also means that there will be no future security updates or patches, leaving the software and its underlying services vulnerable to breach as cyber attackers become more sophisticated.

This is the second most common issue we see addressed by our policyholders. When a regional gas station and convenience store chain reviewed their DLP Report, they noticed that the Corvus Scan had discovered one of their servers was running end-of-life software. Concerned that this could lead to potential infiltration of their system and business interruption (resulting in loss of revenue and/or reputation), the insured was happily connected with one of our pre-breach services vendors to correct the issue.

1. Open Ports

A port is a communication point for a server that allows an external service or program to pass data through or perform an action based on the specific port’s function. While having a port that is open for communication is not always a potential risk, dangerous or vulnerable software can be hosted through an open port, so it’s important to be restrictive about what is left open. Sometimes, ports are left open and then forgotten about, or opened without the knowledge of IT. These can present a vulnerability.

The discovery of open ports that were previously unknown to the insured is the most common issue we’ve heard policyholders have addressed. Recently, for example, a Corvus policyholder in the industrial metals industry reached out to us after receiving their first quarterly updated Dynamic Loss Prevention Report. The company’s Head of IT and Head of Systems were surprised to see that there were open ports they didn’t recognize, and wanted to dig deeper. Upon review of the Low Reputation IP section of the report, the insured discovered that several of the IPs noted were from Amazon Web Services (AWS) hosts, which seemed strange since the company did not officially utilize any AWS services in their technology stack. Our Data Science team was able to identify the open ports, allowing the IT department to resolve the issue and avoid potential hacking.

Want to help your clients find and fix IT issues?

Time and again, we see that the brokers delivering the highest value and satisfaction to their clients are those that focus on more than just post-breach remediation. Being cyber ready is about education and vigilance, two principles we take very seriously at Corvus.

It’s our goal to spread cybersecurity awareness beginning with the empowerment of our partner brokers. By giving them important tools to better understand the key risks that face their clients, we’re helping them guide policyholders toward the right coverage. 

Have any questions on the Corvus Scan or the DLP? We’d love to hear from you. Email us at flock@corvusinsurance.com.

And while you’re at it, be sure to follow us on LinkedIn and Twitter for more cyber news and insights!
