Tag Archives: cyber

How to Fight Rise in Cyber Criminals

Coronavirus is changing how people work and interact every day. Many companies have needed to expand their remote working capacity as a result of the outbreak – and usually at very short notice. To provide as many employees as possible with easy access to operating software and systems quickly, in some cases IT security standards have had to be lowered or suspended, resulting in potential cyber security exposures for companies.

One consequence of potentially laxer security may be that cybercriminals and hackers may find it easier to penetrate previously protected corporate systems, causing data breaches, cyber blackmail intrusions and IT system failures.

According to the Allianz Risk Barometer, an annual survey of more than 2,700 risk management experts around the globe, cyber risk already ranked as the number one threat for businesses in 2020 before the coronavirus outbreak, driven by concerns about data breaches becoming larger and more expensive; ransomware incidents bringing increasing losses and business email compromise (BEC) or spoofing attacks, which typically involve social engineering and phishing emails to dupe employees into revealing confidential or valuable information. BEC attacks have resulted in fraudulent losses in excess of $20 billion since 2016.

Unfortunately, the significant increase in home workers accessing the corporate network with a virtual private network (VPN) connection because of the coronavirus pandemic only exacerbates these risks, providing a perfect opportunity for cyber criminals, as recent events demonstrate only too well.

It is estimated that anywhere between 50% and 90% of data breaches are caused or abetted by employees, be it by simple error or by falling victim of phishing or social engineering. Recent events demonstrate the vulnerability only too well. In April, Google detected and blocked more than 18 million malware and phishing emails and 240 million daily spam messages related to the coronavirus pandemic in a single week. In total, Google blocks more than 100 million phishing emails each day.

See also: Coronavirus Boosts Cyber Risk  

If remote workers fall victim to a cyberattack, it puts their work network at risk. There are several effective security measures businesses can apply to help remote employees combat internet attacks.

Keep Software Up to Date

Check whether you can use current versions of operating systems and installed programs. If possible, use the automatic update feature, which is often the default setting. Otherwise, immediately install security updates for your software, especially for your web browser and operating system.

Use Virus Protection and Firewalls

Check activation of virus protection and firewalls, but keep in mind that this measure can only be effective as an accompanying measure with other security procedures. Its application does not reduce the importance of the other tips in this article.

Create Different User Accounts

Malicious programs have the same rights on the PC as the user account through which they entered the computer. You should, therefore, only work with administrator rights if absolutely necessary.

Be Cautious About Sharing Personal Data

Online fraudsters increase their success rates by addressing their victims individually: Previously spied-on data, such as surfing habits or personal names, are used to inspire confidence. Today, personal data is considered a currency on the internet and is traded in this way. If possible, use a VPN connected to your home network in public wireless local area network (WLAN) hotspots.

Otherwise, unencrypted transmitted data can be read by third parties. At the same time, a VPN also protects against a number of other attacks on the PC and the data stored on it.

Use Up-to-Date Web Browsers

Check whether to disable components and plug-ins in your browser settings. First, enter the addresses for security-critical websites, such as for online banking, manually in the address line of the browser and save the address entered in this way as a bookmark, which you can then use for secure access.

Two-Factor Authentication

Where two-factor authentication is offered, use it to secure access to your account. A password manager can facilitate the handling of different passwords. Do not share your passwords with third parties.

Protect Your Data Through Encryption

Protect your confidential emails with encryption. If a WLAN is used, subject to the information security guidance of your entity, pay attention to the encryption of the wireless network. Subject to higher standards as per individual guidance of the respective individual security officer (ISO), in your router, select the WPA3 encryption standard or, if this is not yet supported, WPA2, until further notice. Choose a complex password of at least 20 characters.

Identify All Participants in Online Sessions

It is particularly easy for unauthorized persons who have obtained the dial-in data to join large online meetings with many participants. That’s why everyone who appears in the meeting needs to briefly identify themselves, especially when discussing sensitive topics and sharing presentations on screen.

Be Extremely Careful With Suspicious E-mails or Attachments, Especially if the Sender Is Unknown

Especially in the familiar environment of your home office, you must be wary of suspicious e-mails. Take your time and check each email thoroughly before you open it.

Please see  CORONAVIRUS: STAYING CYBER-SECURE THROUGH THE PANDEMIC for a complete list of IT security measures.

See also: New Enhancements for Cyber Coverage  

COVID-19 is one of the many crises that hackers and scammers leveraged to exploit vulnerable businesses, and they will find more innovative ways in the future. More than ever, it is vital for organizations to protect themselves from malicious cyberattacks by educating employees about how to identify and prevent cyberattacks and implementing home security policies for remote workers.

10 Tips for Moving Online in COVID World

In the retail industry, O2O “online-to-offline” signifies an online trigger, such as an ad, that prompts consumers to go to a physical location to complete their purchases, but it can also occur in the opposite order.

In the insurance sector, over 100,000 independent agents in the U.S. depend on high-value networking, customer references and direct carrier relationships. For insurance professionals, interacting with customers face-to-face has been vital.  But in the wake of the coronavirus, it is critical to move insurance agencies from an offline to an online model, O2O, where almost all tasks that agents were accustomed to on a day-to-day basis need to be done completely remotely.

This change can offer considerable benefits if executed correctly: higher productivity, greater scale and a high degree of accuracy that allows agents to continue to build trusted relationships. As risk management advisers, agents are responsible now more than ever for equipping policyholders with unbeatable risk transfer strategies. As cyberattacks on small to mid-size businesses (SMBs) continue to escalate, cyber insurance presents an opportunity to rebuild an agency book of business when done right. 

Here are 10 tips on jumpstarting your O2O transformation:

1. Focus your efforts on insurance lines with growth opportunity

Cyber insurance is relatively new, with substantial opportunities for adoption in the SMBs market as cybercriminals exploit people’s vulnerabilities using sophisticated social engineering attacks during COVID-19. In fact, phishing has increased by over 600% since the end of February, according to security provider Barracuda Networks.

2. Prioritize industries for which cyber insurance is vital

Organizations have begun using SaaS applications and operations in an effort to digitize online but will likely be left vulnerable to cyber incidents. Recognize which industries are either required to obtain cyber insurance or are paving the way for digital transformation.

See also: Will COVID-19 Be Digital Tipping Point?

3. Select partners that operate exclusively online

Now is the perfect time to reassess the insurance carriers and programs that you’re working with for capacity to shift online. Today’s technology allows businesses to deliver a vertically integrated insurance solution that ties together insurance requests, risk assessment, underwriting and policy and claims management in one system enabled by a common, relevant dataset. 

4. Search for admitted, standalone programs

This is directly related to your carrier of choice. The shift toward standalone cyber insurance programs is occurring because cyber insurance provided as an endorsement to other intricate coverages only creates more complexity. Standalone cyber programs outline what incidents are and are not covered, and the policy’s aggregate limit and sub-limits for each coverage, along with precise cyber criteria. 

5. Align risk to coverage, as your go-to sales pitch 

Cybersecurity aims to safeguard a business’ use of technology and the web. Each business uses different applications and operates in its own way. In turn, each business has drastically different risks that should be recognized by policies. Policyholders must be able to account for the coverages, aggregate limit, sub-limits and deductibles that best fit their risk assessment. 

6. Learn as much as the customer about the risk, if not more

Cyber risk exposures and attacks are constantly evolving. Evaluating an organization for cyber risk yearly is a risky and obsolete cyber strategy. Being able to regularly reevaluate risks and coverage on a continuing basis is necessary for cyber and shields all parties from coverage gaps.

7. Collaborate with carriers on prospecting

Transform your website to a producing site, not just a lead generation platform. API integration of your website into the carrier’s quoting and underwriting platform is instrumental in delivering a constant stream of potential cyber insurance consumers.

8. Educate policyholders on claims experience and loss control

Your customers should be equipped with security awareness training, generally administered by the carrier. Phishing simulation and basic InfoSec training are key education tools. Regular updates to policyholders on providing their risk insights and remediation guidance provide effective risk mitigation and loss control.

9. Educate yourself on what events activate which coverage

Outline for your policyholders what exactly is covered by the carrier’s insurance program by sharing your claim scenarios. Demand a list of cases for each incident that would activate specific coverage paired with concrete use cases.

See also: COVID-19: Implications for Business Models  

10. Don’t spend more than a few minutes on a submission, application or binding

Moving to an online operation can feel unsettling at first but, if done correctly, will produce real results:

  • Faster and more precise applications
  • Quicker turnaround time on quote and bind when working with a program that is also deployed online
  • Ability to offer additional services to policyholders as part of the online experience – risk assessment, training, notification of critical updates. Consistent communication online boosts customer satisfaction and opens the door to lasting relationships

5 Questions That Thwart Ransomware

This past summer was something of a perfect storm for small businesses, which weathered an increase in ransomware attacks, which in many cases started with an IT vendor or managed service provider (MSP).

Ransomware incidents reported to our company were up 37% in the third quarter when compared with the first three months of the year, and 24% were confirmed to be caused by a vendor or MSP.

Those statistics are bad news for small businesses that manage their IT resources with the help of a MSP and worse news for small businesses that outsource their entire IT operation to the MSP, which includes everything from building the network and managing applications to servicing any and all IT requests.

In fact, in the first nine months of last year, 63% of all the ransomware incidents reported to our breach response unit came from small businesses, many of which rely on an MSP. Why is that figure so high? MSPs make ripe targets for ransomware attacks.

They have to balance, on the one hand, a need for speed and convenience when it comes to being able to respond to clients and, on the other hand, the need to have the right security controls in place. Too often, speed and convenience win out over security controls.

For example, in many cases, MSPs have reused credentials across clients so that MSP employees can service multiple clients more quickly. Similarly, MSPs might not enable multi-factor authentication (MFA) on the remote access point they use to pivot to client environments.

See also: How Municipalities Avoid Ransomware  

In many incidents in the third quarter, attackers exploited the remote management application that connects the MSP to the client. The same MSP user account would log into multiple client environments and install ransomware. If the MSP had set up individual user accounts for each of its clients, it is more likely that the exploitation of the single set of credentials would have only enabled unauthorized access to a single client’s environment, diminishing the risk to their clients.

Further, an MSP user account often has to have full administrative access to assist with regular IT functions, so, when credentials were compromised, the attackers had full administrative access to clients’ environments.

So, why the increase in MSP ransomware attacks this summer? According to Bill Siegel, CEO and co-founder of ransomware response platform Coveware, hackers have found a way to magnify the attacks on MSPs. Specifically, developers of Sodinokibi ransomware are now using techniques employed originally by GandCrab ransomware to make the attacks on MSPs more profitable.

These MSP ransomware attacks over the summer exposed incident response challenges. For small businesses that completely rely on outsourced IT, a massive ransomware attack across clients draws on the MSP’s resources and inevitably leaves many businesses in the dark. Small business owners without a technical background struggle to understand and assist the external legal and forensics vendors who are hired to help them respond to the attack.

The response is further complicated when the MSP itself is also infected with ransomware. Where an attack group knows it has hit an MSP, and infected downstream clients, the group may refuse to negotiate with the end clients and instead only respond to the MSP to increase ransom demands. This tactic can also leave clients with little to no control over their data software recovery.

For all of these reasons, we urge small businesses to ask the following important questions when vetting a potential MSP:

  1. Is there a security program in place, including periodic risk assessments to identify areas for improvement?
  2. Is there continuing security awareness training across the organization?
  3. Is there a SSAE 18 SOC 2 Type II report or similar type of report available to customers, attesting to security control environment?
  4. If access to personally identifiable information or protected health information is necessary, how is this protected at the vendor (e.g. encryption, secure remote connections, restricted access, logging and monitoring)?
  5. Are security and availability requirements enforced in master service agreement contracts (e.g. sensitive data protection, up-time guarantee/service level agreements, security incident reporting/coordination, regulatory compliance requirements)?

Our third-quarter statistics clearly show that small businesses and MSPs are big targets for hackers. It is absolutely critical that small businesses are working hand-in-hand with all their IT vendors to prevent ransomware attacks from happening in the first place.

Securing Your Internet of (Medical) Things

Internet of Medical Things is no longer a thing of the future; it can be rightly called a thing of today. Worldwide, a plethora of hospitals, health facilities and labs have adopted IoMT systems of iconnected devices and big data, which allows them to render error-free, personalized and overall superior healthcare services to their patients. On top of that, the demand for digitalized healthcare is growing, especially among younger generations, who are more likely to opt for medical providers offering digital capabilities.

Such a system, however, can actually become a source of security and privacy threats to a medical facility and its patients. This vulnerability is a downside of the rapid emergence of healthcare IoT, which neither the equipment makers nor medical practitioners were prepared for. For now, healthcare institutions and legislative bodies are working hard to catch up and impose medical security practices, yet many facilities remain drastically behind the curve.

In the light of grave consequences for human health and life, as well as possible financial and reputational harm to a medical facility, being ill-prepared for IoMT security violations is off-limits for healthcare executives.

It’s high time you homed in on making your healthcare IoT impregnable, and this article will serve as a guide on this journey. Read on and learn about the most common security threats that an average Internet of Medical Things is susceptible to and, most importantly, the ways to shield your connected healthcare environment against conceivable cybersecurity risks.

What Makes IoMT Vulnerable?

Put into practice, the Internet of Medical Things is a vast and miscellaneous entity, often amounting to thousands of connected devices. On average, between 15 and 20 medical devices for monitoring and treatment are implemented in a single ward in the U.S. This number is only predicted to grow: According to a study by Frost & Sullivan, by 2020 the number of operating appliances – from insulin pumps to pacemakers, from imaging systems to MRI scanners – will reach up to 30 billion globally.

So, on the face of it, detecting vulnerabilities in such a system is similar to looking for a needle in a haystack. In fact, there is a definite pattern of security flaws that most healthcare IoTs are susceptible to, and being aware of them is a stepping stone to rendering the system invincible.

See also: Why Medical Records Are Easy to Hack  

Let’s go over the most common weak spots of an average IoMT infrastructure.

Legacy Systems

IoMT emerged surprisingly swiftly and in a sense caught medical authorities off guard. Healthcare facilities were unable to build designated environments from scratch due to monetary or time constraints, so the majority established their medical IoT on their legacy systems.

These systems were flawed and outdated more often than not, lacked crucial cybersecurity controls or all of the above. With time, a small share of organizations revamped their legacy systems, while the majority, according to a Forescout report, still operate on the Windows versions that are to expire by 2020, which would leave them unsupported and highly vulnerable to cybersecurity breaches.

Outdated Medical Devices

Medical devices used to be designed with no or few security considerations, and this used to suffice, as they were standalone, and threats were close to zero. Now, healthcare IoT requires medical devices to be connected within a single network, making outdated hardware a potential source of critical data exfiltration.

Apart from this, a fair share of older medical devices are not in line with the cybersecurity guidelines of the Food and Drug Administration (FDA), require manually implemented patches or are beyond repair, which makes them exposed to all kinds of internal and external security threats.

System Sprawl

The undeniably positive trend toward increasing the number of connected medical devices has a downside: It expands the attack surface. The vaster the medical network becomes, the more foothold cybercriminals gain for infiltration. Besides, the devices commonly come from a variety of vendors, which complicates compatibility between the tools and hinders unified security measures.

Best Practices to Mitigate IoMT Security Risks

Network Segmentation

When you have a vast IoMT legacy system that you do not plan to shift away from anytime soon, limit the potential attack surface by segmenting your medical IoT.

The segmentation principle rests on individual needs and priorities: You can separate vulnerable devices only from the main network or segregate them based on their function or user types. Also, the FDA guidelines insist on separating unpatchable devices from the rest of the network and minimizing the traffic to them.

Applying this unsophisticated measure, one can successfully isolate potentially vulnerable tools from sensitive data and more secure devices, and prevent a possible malware infection from spreading across the network. Segmentation also facilitates supervision of the disparate IoMT environment.

Regular Updating and Patching

Thorough updating and security patching can become an effective preemptive measure against data breaches. However, because the medical IoT system consists of software and hardware from miscellaneous vendors, expect patch and update releases to be numerous and irregular.

This can be managed in two ways: by appointing a dedicated team to implement new versions and bug fixes as soon as they come out or automatically streamlining this process, which will require elaborate development.

Another challenge of updates in medical facilities, especially in intensive care wards and such, is that a great many life-sustaining devices cannot become inoperative even for several seconds.

Data Encryption

Protected health information (PHI) is a coveted prize for cybercriminals who target healthcare facilities, and, in a medical IoT environment, data is more ubiquitous than ever. There is a constant flow of patients’ information within the network of devices, and a fair amount of critical information is stored on servers and devices – all an easy target unless protected.

Encryption is a baseline measure for securing the integrity of PHI. The encryption process involves using a specific algorithm to render data incomprehensible, decipherable only with a confidential key. Encryption keys should also be properly secured, and access to them should be limited to select people. Therefore, in the worst-case scenario when PHI does get stolen, a threat actor could hardly access the data or assign any meaning to it.

See also: Insurance and the Internet of Things  

Machine Learning

Machine learning (ML) can help diminish security concerns related to the Internet of Medical Things. It can serve as an extra-sensitive risk detector, recognizing suspicious activities across all the network’s devices and endpoints in real time. Beyond that, ML can monitor data exchange within the facility as well as with external entities and detect anomalies in the data flow. The technology can also be leveraged for predicting system vulnerabilities, analyzing the facility’s big data and recommending corresponding security measures.

Still, for the time being, machine learning is too young as a technology to be left to its own devices, so considerable human supervision and correction is still required.

With IoMT, It’s Better Safe Than Sorry

Internet of Things has proven to be a disruptive technology for healthcare, used to diagnose more accurately, monitor treatment progression closely and perform sophisticated procedures, to name but a few applications. At the same time, the IoMT environment is very complex, demands financial investment and upkeep and, among all things, can be the loophole for a security breach or a data loss.

Still, it is better to prevent than to treat problems, and health professionals know this like nobody else. Do not wait for the worst to happen – instead, be aggressive and implement relevant security measures to keep your facility and patients from harm. After all, with so much at stake – money, reputation, health and even lives – inaction is inexcusable.

Insurers Must Collaborate on Cyber

We are living in the accumulated aftermath of the countless cyber breaches that, since the turn of the century, have cost the global economy over $2 trillion. We are in the untenable situation where insurers find it nearly impossible to provide security for their insureds while safeguarding their own profitability.

However, the destruction and loss of the past need not be the fate of the future. If cyber liability and technology E&O insurers learn from the recent past, then insurers can help give rise to a future cyber realm that is free from the doubt and fear that are prevalent now.

Over the past two decades, insurers have not worked with members across the private spectrum to put into place unified laws governing the cyber realm, so there are now laws across the world that have been enacted or about to be enacted that are making it more difficult to provide cyber liability insurance. What may be even worse is that, for the past four years or so, different governments have argued against end-to-end encryption (E2EE), and insurers have not responded swiftly to that threat, either. If a country, especially one like the U.S, were to pass a law making E2EE unlawful, then providing cyber liability insurance to anyone would be made more difficult than it already is.

Thus far, insurers rarely speak to each other regarding their most prominent common adversary: hackers. Perhaps the only time that insurers might broach the subject of that adversary is when they are at a NetDiligence or PLUS Cyber Symposium conference, and even then hackers are treated as more of an appetizer than as a main course. If a hacker or hacking group causes five different insurers a combined loss of $50 million, then clearly such attacks represent a inconsequential loss. However, because insurers do not talk to each other, not only do they not know the common methods of attacks on their insureds, along with the collective loss they suffered, but they also have no way to focus efforts on removing that hacking threat. There is also no way to know that a hacker or hacking group is targeting a specific sector of the private sphere, because the only way to know that is through shared intelligence.

Every day, threat actors from nation states or hacking groups or standalone hackers are using the advances in cyber breach techniques learned from each other to create the next unstoppable attack. It is time for insurers to pool their own resources so that they and their insureds can begin to level the playing field with respect to the main adversary so that laws passed are to the benefit of insureds and insurers alike.

Insurers also need to look at the complete picture to be responsible netizens and help craft a safer cyber future. When semiconductor technology in the form of computers began to integrate with the personal and professional realms in the 1980s and into the 1990s, at least in the U.S, it was a very tortured process. Almost as soon as businesses had upgraded to 33Mhz processors, 66Mhz processors came out. Similarly, the original floppy disk drives quickly gave way to 3.5-inch disks, which gave way to Zip drives, CD-Roms and so forth. In software, things were no better. After finally using computers and learning DOS, businesses were introduced to Windows 3.1 and thereafter were upgraded to Windows 95, 98, 98SE and beyond. Every part of binary technology over the past 40 years has seen a relentless drive toward cutting-edge technology, and that pursuit thrust upon the people of this world a technological reality that very few understand.

Today, most people are unable to say what SoC (System on Chip) drives their smartphones, what a GPU stands for, what the differences are between 4G and 5G wireless technologies and what many other basic technological concepts are. Even among insurance professionals, there are still many people who hunt and peck and are unable to achieve a typing speed of 45 words per minute.

Worldwide, almost all schools lack a structured curriculum for the K-12 system that not only teaches binary fundamentals to the young but also helps them to understand computing history and the potential future of computing and networking technology. Consequently, despite the significant numbers of people using social media and smartphones, and the rise of IoT, most people do not know the fundamentals of our present binary world.

Perhaps more damaging is what the future holds. If most people barely understand current technology, then quantum computing, carbon nano tubes and neurotropic technology will be ever more unnerving for even more people. This disparity between the few who understand it, and the tremendous numbers who access the binary world without comprehension, creates a dangerous situation in multiple ways. Yet, this is the situation in which cyber liability and technology E&O insurers are trying to insure a binary usage world.

See also: Future of Insurance to Address Cyber Perils  

With the whole picture in mind, it is time for insurers to start implementing, soonest, solutions that will prevent the future from being like the past two decades. Insurers and insurance brokers alike need to start to act in accordance with what being part of a community means.

In its most basic form, a community is a group of people or organizations that exist in the same area or share a common purpose, and the most successful communities are the ones that come together and put the good of the community ahead of any individual member. Insurers would do well to start to establish a series of townhalls in physical communities to talk about not only what cyber liability and technology E&O are but also go over every aspect of what cybersecurity is, from anti-virus software to which CPUs and GPUs are the least vulnerable, to cyberattacks.

It would be especially helpful if some of these townhall seminars were dedicated to people 65 and older, because many organizations are wanting to “help” seniors without providing them with reasonably secure cyber products. To date, seniors do not seem to have borne the brunt of cyberattacks. However, it is only a matter of time before cyber criminals begin to realize the monetary value of focusing cyberattacks on seniors.

Many insurance professionals are eager to point out that small and medium-sized businesses are extremely vulnerable to cyberattacks, but warnings from a distance are not an acceptable substitute, on such an urgent issue, for face-to-face human interaction. There is a reason that property and auto insurers in the 20th century, used a phrase such as “like a good neighbor, State Farm is there.” A neighbor is a community member who is invested in the success and challenges of others.

With the 2020 U.S census coming up, there still has not been a unified community outreach effort on the part of insurers to help the census begin and end in a secure form at the community level. The most efficient way insurers can help with the census is to provide public libraries and community centers with new computers and networking equipment and lending IT staff.

Insurers also need to work with the cybersecurity community and with K-12 schools around the world so that students understand how to be responsible netizens. There needs to be encouragement in education, from letting the young follow what is popular technologically, to what is actually effective and useful. If
insurers do not work with the cybersecurity community, then how can educators and parents ever really know what responsible netizen activity looks like? Insurers can either work with others to start reducing that deficit, which will also reduce the frequency of breaches, or insurers can repeat their mistakes and forever put their profitability and the safety of their insureds in doubt.

In terms of effective global communication, we who are living now are standing where once stood those who coped with the changes in communication wrought by the printing press and its transformation of the world. However, modern global correspondence faces challenges that require insurers to start putting solutions into place now that will have benefits that last in terms of decades and centuries. With that in mind, it is time for insurers to bring to life an international competition that will encourage students in the seventh to 12th grades to create educational websites or advanced robots or allow for a structured and interactive way for them to point out zero-day exploits and other vulnerabilities that would have a $500 million or larger impact on the world economy if the exploit were to be used against the netizen community.

Insurers also need to start to rate every piece of technology with an independent testing lab. The lab needs to be built with the authority and autonomy to ensure that its ratings are as impartial and accurate as possible so that insurers can work with information that is as close to factual as possible. Insurers also need to tackle higher education and work with an organization like IEEE to finally bring the training of software developers/engineers into the 21st century. It is time for software engineers to have to meet requirements that are on par with structural engineers and attorneys. Not only will this enable a minimum higher level of coding competency, but it will prevent the non-certified engineers from being allowed to put pieces of inept software code into programs upon which this world depends.

Helping the brilliant young become useful and positive contributors to the cyber community, creating an independent testing lab and working with other members of the netizen community to produce certified software engineers can only enable a netizen community that appropriately values and pursues safety, the common good and the future success of the cyber realm. All of this would be to the great benefit of cyber liability and technology E&O insurers and their insureds.

See also: Surveying Wreckage of Cybersecurity  

People often cite the increasingly sophisticated breach techniques of hackers or the hyper evolving technological innovations of technology companies as reasons why dark knight cybersecurity specialists have managed to become so formidable. However, the reality for the rise of hackers is the inaction of implementing long-term solutions by insurers.

Cyber liability and technology E&O insurers perhaps have the best vantage point of any other part of the private sector, because they get to watch in real time everything that happens before, during and after a breach. It is those insurers, especially cyber liability insurers, who say they can help and protect insureds, and who are actively offering their services on the world’s stage. Unfortunately, insurers have thus far acted as if they need only sprint to the finish line to help their insureds. This is not, though, a sprint. It is in fact a very long journey that insurers must undertake.

However, if insurers pace themselves, unite with each other to overcome shared challenges and reach out to other members of the netizen community, then they will be able to leave the winter of desolation behind and step into a future spring that is lively, safe, profitable and enduring.