12 Critical Controls Needed for Insurance
2022 Cyber Insurance Update: US & Canada Cyber Practice
A business of Marsh McLennan
*New Dark Web Audit Reveals 15 Billion Stolen Logins From 100,000 Breaches (forbes.com)
Vendors highlighted in yellow are Marsh Catalyst vendors
Key Controls: Proposed Solutions
Each key control below lists The Issue, Solutions (non exhaustive), and How Marsh Can Help.
1. Multi-Factor Authentication (MFA) Controlled Access
The Issue: Ransomware attacks often start with compromised credentials. MFA is a method to validate or verify a user’s request to access an IT resource by requiring the user to provide two or more pieces of evidence to be authenticated. This can help thwart ransomware attacks.
Solutions (non exhaustive): MFA solution (RSA SecurID, Duo, Okta, Ping Identity, LastPass, etc.), Password, Data Protection & Access Management Policies
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for MFA solution selection and deployment
• Develop/review Information Security Policies: Password, Data Protection & Access Management Policies
2. Secured & Tested Backups
The Issue: Attackers look to delete backups before launching a ransomware attack so they can successfully cripple and extort their victims. It is essential to secure backups through encryption and isolation from the network (offline or MFA-controlled access), and to regularly test backups and recovery plans.
Solutions (non exhaustive): Cloud Backups With MFA-Controlled Access, Offline Backups, Disaster Recovery Plan (DRP), Business Continuity Plan (BCP), DR Tests, Integrity Checks
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for backup solution selection and deployment
• Develop DRP and BCP
• Support DR tests and Incident Response exercises
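The "Integrity Checks" named under control 2 can be made concrete with a small script. The example below is added here and is not code from the Marsh deck or from any vendor it lists: it builds a SHA-256 manifest of a backup set, signs the manifest with an HMAC key that is assumed to be stored away from the backup (a vault or offline media), and then reports files that went missing or changed since the manifest was written. The sample backup files and the key are constructed for the example.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

CHUNK = 1 << 16  # stream files in 64 KiB pieces so large backups never load whole into memory


def sha256_file(path: Path) -> str:
    """Hex SHA-256 of one file, computed in chunks."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (POSIX-style relative path) to its SHA-256."""
    return {
        path.relative_to(root).as_posix(): sha256_file(path)
        for path in sorted(root.rglob("*"))
        if path.is_file()
    }


def sign_manifest(manifest: dict, key: bytes) -> str:
    """HMAC-SHA256 over the canonical JSON form of the manifest.
    The key must live outside the backup location (assumption: a vault or offline media),
    so someone who can rewrite the backup cannot also rewrite the manifest to match."""
    body = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def manifest_is_authentic(manifest: dict, tag: str, key: bytes) -> bool:
    """Constant-time comparison of the stored tag against a fresh HMAC."""
    return hmac.compare_digest(sign_manifest(manifest, key), tag)


def verify_backup(root: Path, manifest: dict) -> dict:
    """Compare the files now present under root with an authenticated manifest."""
    current = build_manifest(root)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "unexpected": sorted(set(current) - set(manifest)),
    }


def make_sample_backup() -> Path:
    """Constructed sample backup set in a temporary directory (not real data)."""
    root = Path(tempfile.mkdtemp(prefix="backup-"))
    (root / "db").mkdir()
    (root / "db" / "customers.sql").write_text("INSERT INTO customers VALUES (1, 'alice');\n")
    (root / "config.yaml").write_text("retention_days: 30\n")
    return root


def tamper_sample(root: Path) -> None:
    """Simulate backup sabotage before a ransomware run: alter one file, delete another."""
    (root / "config.yaml").write_text("retention_days: 0\n")
    (root / "db" / "customers.sql").unlink()


if __name__ == "__main__":
    key = b"constructed-example-key"  # constructed; in practice fetched from a vault, never stored with the backup
    root = make_sample_backup()
    manifest = build_manifest(root)
    tag = sign_manifest(manifest, key)
    print("clean backup:", verify_backup(root, manifest))
    tamper_sample(root)
    print("manifest authentic:", manifest_is_authentic(manifest, tag, key))
    print("after tampering:", verify_backup(root, manifest))
```

Run the manifest build right after each backup job and the verification before each DR test; a non-empty "missing" or "modified" list, or a manifest that fails the HMAC check, is the signal that the restore test must not be trusted and that the backup store itself may have been reached by an attacker.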
3. Managed Vulnerabilities
The Issue: Regular vulnerability scans and annual penetration testing simulate cyber attacks on the network. Such actions allow the organization to uncover existing vulnerabilities and remediate them before threat actors have a chance to exploit them.
Solutions (non exhaustive): Vulnerability Scanning Solutions (Qualys VM, OpenVAS, Tenable Nessus, InsightVM, Frontline Vulnerability Manager, etc.), Network Security Tests (Vulnerability Scans, Penetration Tests, Application Security Tests, etc.), Patch & Vulnerability Management Policies
How Marsh Can Help:
• Conduct network security tests (vulnerability assessments, pentests, application security tests…)
• Develop/review Information Security Policies: Patch & Vulnerability Management Policies
4. Patched Systems & Applications
The Issue: Unpatched vulnerabilities remain a leading cause of intrusions into systems. Hundreds of vulnerabilities are disclosed every month across many applications and systems. When technology environments are not patched in a timely fashion, attackers will seek to exploit those vulnerabilities.
Solutions (non exhaustive): Patch Management Solutions (Microsoft System Center Configuration Manager, Atera, Ivanti, etc.), Patch & Vulnerability Management Policies
How Marsh Can Help:
• Provide support for vulnerability scanning solution selection and deployment
• Develop/review Information Security Policies: Patch & Vulnerability Management Policies
5. Filtered Emails & Web Content
The Issue: Malicious links and files are still the primary way to deliver ransomware, steal passwords, and eventually access critical systems. Today’s first line of defense includes indispensable technologies that filter incoming emails, block malicious sites or downloads, and test suspicious content in a secure “sandbox” environment.
Solutions (non exhaustive): Email Security Solutions (Proofpoint Email Protection Suite, Mimecast Secure Email Gateway, Barracuda Sentinel, FortiMail, Office 365 Advanced Threat Protection, etc.), Web-Content Filtering Solutions
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for Email Security and/or Web Content Filtering solution selection and deployment
6. Protected Privileged Accounts
The Issue: Privileged accounts are the keys to a network. When attackers compromise these accounts, the likelihood of significant harm is extremely high. Limiting the number of privileged accounts, using strong password security practices and vaults, requiring MFA, and monitoring these accounts are critical to network security.
Solutions (non exhaustive): Privileged Access Management (PAM) Solutions (CyberArk Software, BeyondTrust, etc.), Privileged Access Management Policy, including Audit, Monitoring & Alerting
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for Privileged Access Management solution selection and deployment
• Develop/review Information Security Policies: Privileged Access Management Policy
7. Protected Network
The Issue: All breached organizations used firewalls to protect their networks, but the technology is often underutilized or outdated. Now is the time to ensure that effective firewalls and other technologies are in place with well-defined rules: network segmentation, intrusion detection and prevention systems, data leak prevention systems, etc.
Solutions (non exhaustive): Network Firewalls (FortiGate Next Generation Firewall, Cisco, WatchGuard Firebox, etc.), Network Segmentation, IDS/IPS, DLP, MFA-Controlled Remote Access, and other network hygiene practices
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for network protection solution selection and deployment
8. Secured Endpoints
The Issue: Advanced anti-malware solutions on workstations, servers, and mobile devices detect malicious programs and contain their spread. The technology allows organizations to respond to attacks remotely and even prevent data leakage. The time when simple “anti-virus” was good enough is behind us.
Solutions (non exhaustive): Centralized Anti-Malware Solutions, Endpoint Security & Vulnerability Remediation (Absolute Software – Absolute Resilience, etc.), Endpoint Detection and Response (EDR) Solutions (Cylance, VMware Carbon Black EDR, CrowdStrike Falcon, Windows Defender ATP, FireEye HX, SentinelOne Endpoint Protection Platform, Symantec ATP, etc.)
How Marsh Can Help:
• Provide support for endpoint security solution selection and deployment
9. Logged & Monitored Network
The Issue: Logging and monitoring network activities allows an organization to identify that something possibly harmful may be happening, so that attackers’ actions can be detected and contained at an early stage. Automated technology combined with operator monitoring is needed to watch network events and anomalous user behavior.
Solutions (non exhaustive): Security Information and Event Management Solutions (LogRhythm, IBM QRadar, ArcSight, etc.), Network Detection and Response Solutions (Gigamon ThreatINSIGHT, etc.), Outsourced Security Operations Center (Scalar, Trustwave, etc.), Log Management Policy
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for solution selection and deployment
• Develop/review Information Security Policies: Log Management Policy
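To show what the "automated technology" under control 9 actually does with log data, here is an added example that is not part of the Marsh deck and does not reproduce any listed SIEM product's rules. It parses a constructed set of sshd authentication lines and applies three simple detections over a sliding 10-minute window per source address: many failures from one source (brute force), failures against several different users from one source (password spraying), and a successful login that follows a run of failures from the same source (possible credential compromise). The log lines, thresholds and window are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log in sshd syslog format; not taken from a real system.
SAMPLE_LOG = """\
Mar  3 09:00:01 vpn01 sshd[2211]: Failed password for alice from 203.0.113.7 port 51022 ssh2
Mar  3 09:00:03 vpn01 sshd[2211]: Failed password for bob from 203.0.113.7 port 51023 ssh2
Mar  3 09:00:04 vpn01 sshd[2211]: Failed password for carol from 203.0.113.7 port 51024 ssh2
Mar  3 09:00:06 vpn01 sshd[2211]: Failed password for dave from 203.0.113.7 port 51025 ssh2
Mar  3 09:00:07 vpn01 sshd[2211]: Failed password for erin from 203.0.113.7 port 51026 ssh2
Mar  3 09:00:09 vpn01 sshd[2211]: Accepted password for erin from 203.0.113.7 port 51027 ssh2
Mar  3 09:15:00 vpn01 sshd[2300]: Failed password for alice from 198.51.100.20 port 40001 ssh2
Mar  3 09:45:00 vpn01 sshd[2301]: Accepted password for alice from 198.51.100.20 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)

WINDOW = timedelta(minutes=10)  # sliding window kept per source address (constructed value)
BRUTE_FAILURES = 5               # failures from one source inside WINDOW
SPRAY_USERS = 3                  # distinct users failed from one source inside WINDOW
SUSPICIOUS_FAILURES = 3          # failures preceding a success from the same source


def parse_line(line: str, year: int = 2022):
    """Turn one sshd line into an event dict, or None for lines the rules ignore.
    Syslog lines carry no year, so the caller supplies it."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "ok": m["result"] == "Accepted", "user": m["user"], "ip": m["ip"]}


def detect(lines):
    """Apply the three rules in time order; each rule fires at most once per source."""
    events = [e for e in map(parse_line, lines) if e]
    events.sort(key=lambda e: e["ts"])
    failures = defaultdict(list)  # source ip -> failed events still inside WINDOW
    alerts, fired = [], set()

    def alert(rule, e):
        if (rule, e["ip"]) not in fired:
            fired.add((rule, e["ip"]))
            alerts.append({"rule": rule, "ip": e["ip"], "user": e["user"], "ts": e["ts"].isoformat()})

    for e in events:
        # Drop failures that have aged out of the window for this source.
        recent = [f for f in failures[e["ip"]] if e["ts"] - f["ts"] <= WINDOW]
        if e["ok"]:
            if len(recent) >= SUSPICIOUS_FAILURES:
                alert("success_after_failures", e)
        else:
            recent.append(e)
            if len({f["user"] for f in recent}) >= SPRAY_USERS:
                alert("password_spray", e)
            if len(recent) >= BRUTE_FAILURES:
                alert("brute_force", e)
        failures[e["ip"]] = recent
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LOG.splitlines()):
        print(f"{a['ts']} {a['rule']:24} source={a['ip']} user={a['user']}")
```

On the sample data the spray rule fires first (three different users from 203.0.113.7 within seconds), the brute-force rule fires at the fifth failure, and the final rule fires when the same source then authenticates successfully as erin; the single typo-style failure from 198.51.100.20 followed by a success half an hour later stays below every threshold. The "operator monitoring" the control calls for is what turns that third alert into a disabled session and a password reset.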
10. Phishing-Aware Workforce
The Issue: Recently, attackers took advantage of COVID-19, when people were stressed the most, as a guise to spread ransomware. There will always be environmental factors that attackers can exploit to deceive people. Training and phishing campaigns help ensure people remain aware and vigilant.
Solutions (non exhaustive): Security Awareness Training Platforms & Phishing Campaigns (KnowBe4, InfoSecIQ, Kaspersky, Proofpoint, Cofense PhishMe, Barracuda PhishLine, etc.)
How Marsh Can Help:
• Conduct phishing tests in your organization
• Provide support for cyber risk awareness and training solution selection and deployment
• Provide risk bulletins to support employee awareness of cyber security issues
11. Hardened Device Configuration
The Issue: Attackers exploit default device settings or misconfigurations. Defining security baselines to harden devices, continuously managing secure configurations, and maintaining change control processes are essential to preventing attackers from reaching their target.
Solutions (non exhaustive): Configuration Management Solutions to harden, deploy, enforce, monitor and track configurations/security baselines (Microsoft Endpoint Manager, etc.), Security Baselines (CIS baselines, DoD baselines, etc.), Configuration and Change Management Policies
How Marsh Can Help:
• Review your organization’s current practices
• Provide support for hardening solution selection and deployment
• Develop/review Information Security Policies: Configuration and Change Management Policies
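The "monitor and track configurations/security baselines" part of control 11 comes down to comparing what a device actually runs against a written baseline. The example below is added here and is not from the Marsh deck, nor from any CIS or DoD benchmark: the baseline values are a hypothetical hardening set for an OpenSSH server, and the sample sshd_config is constructed. It parses the file the way sshd resolves it (comments ignored, first occurrence of a keyword wins, keywords case-insensitive) and reports every baseline item that has drifted or is not set at all.

```python
import re

# Hypothetical hardening baseline for an OpenSSH server (constructed for this example;
# a real baseline would be taken from the CIS or DoD benchmark the page names).
BASELINE = {
    "PermitRootLogin": "no",
    "PasswordAuthentication": "no",
    "X11Forwarding": "no",
    "MaxAuthTries": "4",
    "LogLevel": "VERBOSE",
}

# Constructed sample sshd_config as it might be found on an unhardened device (not real).
SAMPLE_CONFIG = """\
# sshd_config (constructed sample)
Port 22
PermitRootLogin yes
PasswordAuthentication no
#X11Forwarding no
MaxAuthTries 6
MaxAuthTries 3
"""

# "Keyword value" or "Keyword=value", surrounding whitespace ignored.
DIRECTIVE_RE = re.compile(r"^\s*([A-Za-z0-9]+)\s*[=\s]\s*(.+?)\s*$")


def parse_config(text: str) -> dict:
    """Effective settings as keyword (lower-cased; sshd keywords are case-insensitive) -> value.
    Comments are stripped and the first occurrence of a keyword wins, which is how sshd
    itself resolves duplicate directives, so 'MaxAuthTries 3' above never takes effect."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]
        m = DIRECTIVE_RE.match(line)
        if m:
            settings.setdefault(m.group(1).lower(), m.group(2))
    return settings


def check_baseline(text: str, baseline: dict = BASELINE) -> list:
    """Return (keyword, status, expected, actual) for each baseline item not satisfied.
    An absent directive is reported as 'missing' rather than assumed safe, because the
    daemon default behind it can differ between versions and builds."""
    actual = parse_config(text)
    findings = []
    for key, expected in baseline.items():
        got = actual.get(key.lower())
        if got is None:
            findings.append((key, "missing", expected, None))
        elif got.lower() != expected.lower():
            findings.append((key, "drift", expected, got))
    return findings


if __name__ == "__main__":
    for key, status, expected, got in check_baseline(SAMPLE_CONFIG):
        print(f"{status:8} {key}: expected {expected!r}, found {got!r}")
```

Run against the sample, the check reports PermitRootLogin and MaxAuthTries as drift and X11Forwarding and LogLevel as missing, while PasswordAuthentication passes. Scheduling this comparison after every change window, and alerting on any finding that was not part of an approved change, is the monitoring half of the configuration and change management policy the control describes.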
12. Prepared & Tested Incident Response Plans
The Issue: An up-to-date incident response plan with a trained team provides efficiency, speed, and quality in the response to cyber incidents. When combined with backups and business continuity plans, it significantly helps to mitigate the impacts on operations and on your organization’s reputation, thereby limiting overall costs.
Solutions (non exhaustive): Incident Response (IR) Plan, Tabletop or Incident Simulation Exercises, Breach & Attack Simulation Platforms (XM Cyber, etc.), Relationships with IR vendors
How Marsh Can Help:
• Develop Incident Response (IR) Plan
• Coordinate IR Plan with DRP and BCP
• Facilitate tabletop/incident simulation exercises
• Identify & help implement resilience enhancements
• Provide support for IR solutions & vendor selection
We are leaders in risk, strategy and people. One company, with four global businesses,
united by a shared purpose to make a difference in the moments that matter.
A business of Marsh McLennan
This document and any recommendations, analysis, or advice provided by Marsh (collectively, the “Marsh Analysis”) are intended solely for the entity identified as the recipient herein (“you”). This document contains proprietary, confidential information of Marsh and
may not be shared with any third party, including other insurance producers, without Marsh’s prior written consent. Any statements concerning actuarial, tax, accounting, or legal matters are based solely on our experience as insurance brokers and risk consultants and
are not to be relied upon as actuarial, accounting, tax, or legal advice, for which you should consult your own professional advisors. Any modeling, analytics, or projections are subject to inherent uncertainty, and the Marsh Analysis could be materially affected if any
underlying assumptions, conditions, information, or factors are inaccurate or incomplete or should change. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Marsh shall have no
obligation to update the Marsh Analysis and shall have no liability to you or any other party with regard to the Marsh Analysis or to any services provided by a third party to you or Marsh. Marsh makes no representation or warranty concerning the application of policy
wordings or the financial condition or solvency of insurers or reinsurers. Marsh makes no assurances regarding the availability, cost, or terms of insurance coverage. All decisions regarding the amount, type or terms of coverage shall be your ultimate responsibility. While
Marsh may provide advice and recommendations, you must decide on the specific coverage that is appropriate for your particular circumstances and financial position. By accepting this report, you acknowledge and agree to the terms, conditions, and disclaimers set forth
above.
Copyright © 2021 Marsh LLC. All rights reserved.
