NetDiligence Launches New Video Series “Qualifying for Ransomware Insurance”, Streaming Now in eRiskHub
NetDiligence partnered with Kroll to analyze dozens of cyber insurance applications and ransomware supplementals and develop a 10-part video series to help insurance buyers better understand and answer key questions around backups, detection and response, multifactor authentication, and more.
PHILADELPHIA, July 7, 2021 – NetDiligence®, a leading provider of cyber risk readiness and response services, and Kroll, the world’s premier provider of services and digital products related to governance, risk and transparency, today announced the launch of “Qualifying for Ransomware Insurance”, a 10-part video series covering key questions from insurance applications and ransomware supplementals and providing expert guidance for organizations seeking a new policy or negotiating a renewal. All 10 videos are streaming now in the eRiskHub® portal.
NetDiligence and Kroll aggregated and analyzed dozens of cyber insurance applications and ransomware supplementals to define the most common questions across 10 fundamental security controls. Cybersecurity experts from Kroll were enlisted to discuss the risks, highlight the importance of each control and provide answers. These questions bridged the cyber incident lifecycle from proactive measures through incident response planning, with the majority relating to access controls, multifactor authentication (MFA), securing backups, and managed detection and response (MDR).
Mark Greisiger, president of NetDiligence, interviewed Kroll experts on each of the controls with a focus on good cyber hygiene to qualify for the best ransomware coverage.
The 10 security control areas covered in the eRiskHub videos are outlined below:
- Backups: with the increased risk from ransomware, having validated, segmented, and protected backups is crucial. The video includes recommendations for how often and where to back up your data, as well as the importance of keeping a copy of certain items, with commentary from Jeff Macko, associate managing director in Kroll’s Cyber Risk practice
- Security Culture, Training & Phishing: Security culture including training and phishing is a key step in mitigating the risk of ransomware within an organization. In this video, Kroll managing director Stacy Scott discusses the importance of educating employees on identifying phishing emails and training employees on good cyber hygiene.
- Multifactor Authentication (MFA): having the right authentication controls can profoundly improve your security against ransomware. In this video, Devon Ackerman, managing director and head of incident response for Kroll’s cyber risk practice in North America, covers the importance of enabling MFA to verify the person logging in.
- Virtual Private Network (VPN): Devon Ackerman breaks down the vulnerabilities of VPNs and the ways they are targeted by threat actor groups.
- Remote Desktop Protocol (RDP): Devon Ackerman discusses the risks of connecting to a network through RDP and the importance of setting up additional security protocols.
- Incident Response Planning: Having and following an incident response plan can help your organization greatly minimize the impact of an incident. In this video, Chris Ballod, associate managing director in Kroll’s Cyber Risk practice, discusses the importance of creating and consistently testing and revising your incident response plan.
- Infrastructure and Segmentation: Segmenting your network to make it harder for attackers to move from one system to the rest of the network is crucial in mitigating future ransomware attacks. Chris Ballod covers how segmentation works and effective applications.
- Access Control: Threat actors are often able to compromise a single device in the network, but with the right access controls in place it is harder for them to elevate privileges and gain control of larger portions of the network. In this video, Kroll senior vice president Isaiah Jensen covers the least privilege access principle and how to implement it.
- Endpoint Detection and Response (EDR): A fine-tuned EDR program can identify compromises before threat actors have a chance to steal data or deploy ransomware. In this video, Mari DeGrazia, associate managing director in Kroll’s Cyber Risk practice, discusses how endpoint solutions can provide enhanced visibility and allow quicker detection and response actions.
- Email Hygiene: Email is the easiest and most popular vector leveraged by threat actors. In this video, Kroll managing director Keith Novak discusses how securing your email environment, both on-premise and in the cloud, is vital in protecting your organization from these attacks.
Mark Greisiger commented: “Skilled threat actors behind ransomware attacks create an ongoing battle for both policyholders and cyber insurance carriers, with a threat landscape that changes literally every day. Our cyber carrier partners know this and strive to educate their SME insureds on must-have safeguard controls to maintain coverage. We are delighted to make these anti-ransomware training videos available to help, including optional vendor support to help with hands-on remediation if needed.”
— # —
NetDiligence® specializes in Cyber Risk Readiness & Response services. With 20 years of experience in cyber, NetDiligence is an award-winning provider of innovative cyber risk management software and services to the insurance industry, including QuietAudit® Cyber Risk Assessments, the eRiskHub® cyber risk management portal, and Breach Plan Connect®, a securely hosted solution designed to help senior managers plan and execute their organization’s response to a cyber incident, and which also includes a free mobile app for convenient access and alternative means of communication if company systems are compromised. NetDiligence publishes an annual Cyber Claims Study and traditionally hosts annual Cyber Risk Conferences in Philadelphia, Santa Monica, Toronto, London, and Bermuda. NetDiligence also offers a variety of virtual programs that are free of charge to attendees and qualify for CE/CLE credits. For more information, visit https://netdiligence.com.
Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world. For more information, visit www.kroll.com.