In the world of risk…specifically risk mitigation, cyber insurance is the last chapter in your cybersecurity playbook. Let me explain: The goal of any security plan is to mitigate (stop or reduce) threats as much as possible. In a network, that means layered tools (firewall, anti-virus, backups), etc., along with policies, user education and other techniques. After implementing these active threat stopping and deterring steps, and therefore reducing your threat landscape to the lowest possible point (for your particular business needs), then employ a cybersecurity policy to transfer the remaining risk to an insurance company.
Phishing is a social engineering tactic used by hackers to gain access to a network through an unsuspecting email click or attachment download. Since 91% of breaches in 2017 began with an email, you can bet that email phishing is toward the top of your IT department's list of security threats.
If phishing is feared, then it's safe to say that spear phishing is abhorred. Spear phishing is essentially well-researched phishing.
Data breaches are extremely common, but still shocking to consumers. In 2017, roughly 54% of companies experienced a successful cyber attack of some degree of severity (Source). Data breaches are not only becoming more frequent, but they are also becoming more expensive. In addition, the law is increasingly holding companies accountable for data security.
According to research by Sophos, 32% of people advising others on cyber security matters fail to recognize today's basic threats. With the growing national attention on cybersecurity, it's no surprise that opportunists are flocking to capitalize on fresh business opportunity.
As a business owner or IT decision-maker looking for cybersecurity services, how can you identify the qualified providers?