The Risk Roundup is our weekly collection of curated content that relates to all things digital risk management. Members of the Coalition team have pulled together their favorite posts from the week that highlight relevant trends in cybersecurity and cyber insurance. Enjoy our TL;DR and useful snippets on topics we’re keeping a close eye on.
Insurtech companies like Coalition sit at the intersection of technology innovations and traditional insurance offerings. Every day we generate billions of data points to assess and underwrite cyber risk. We turn this data, which is often only used for underwriting decisions, into security intelligence such as alerts that organizations can use to manage and reduce their attack surface. We offer access to this data through Coalition Control
, our integrated risk management platform, which we recently made available for free for all organizations
. (Yes, really).
1. How insuretech is becoming the next digital ecosystem
Carriers routinely describe how big of an advantage their claims history and data are; however, many are not using this data to their full advantage. Coalition collects and acts on data in real-time for our underwriting model to put out a more competitive quote and help our insureds avoid taking on unknown exposure. Taking quality data and turning it into immediate action gives us a competitive advantage over most carriers. – Ross Warren, Production Underwriter
2. Federal zero trust strategy
This could be the moment for zero trust to finally go mainstream. We saw the same thing with the NIST definitions
of cloud computing finally snapping things into focus and providing widely understood terms rather than just everyone slapping a marketing label on their products. – Aaron Kraus, Security Engagement Manager
3. Microsoft has $20 billion hacking plan
Cybersecurity isn’t a money problem — it’s a complex resource problem. We’ve seen data breaches where companies have expensive tools in place, but lack skills, robust processes, or even the ability to perform basic alert blocking and tackling. Attackers leverage these weaknesses to bypass all the shiny security tools and deploy ransomware. Investing money in cybersecurity tools is only part of the solution; the other is effort, people, and processes to maximize investment in tools and defense-in-depth. – Tommy Johnson, Cyber Security Engineer
4. Stop talking about a "cyber 9/11"
Cyber attacks are all about asymmetric acts that will not
provoke a kinetic response at the nation-state level; it’s a tool of economic espionage, not terrorism. It would be more accurate to say that cyber attacks will continue to increase business owners’ costs dramatically. To make the burden manageable, we need national policies and strategic guidance provided in language that an average business owner can understand. Providing incomprehensible guidance to business owners is a disservice, as it leaves them unable to take action, identify necessary protections, or own their part of the solution in preventing a “9/11 cyber attack." – Jeremy Turner, Head of Threat Intelligence
If you enjoyed this post be sure to check our blog weekly; the Risk Roundup runs Friday mornings in addition to more enlightening content we post related to the ever-evolving landscape of digital risk. Follow us on Twitter (@SolveCyberRisk
), LinkedIn (Coalition Inc
), and Youtube
. If you have any suggestions for content that we should be adding to our reading list, let us know!