Embed Size (px)
Citation preview
Cyber Reconnaissance Cyber Intrusion ResponseCyber Phishing Defence
Brought to you by
Value adds for our cyber insureds
ONESTEP
AHEADBARBICAN CYBER OSA
In a changing world, the wise stay one step ahead
There is no secret to why cyber attacks succeed. Chances are the attacker’s cyber reconnaissance identified a soft data target. They scoped out the security, targeted the company’s weakest entry point and took advantage. Once they’re in, your data becomes their data.
To stay in control, you need to get ahead of the cyber attacker – and that is exactly where Barbican Cyber OSA ‘One Step Ahead’ puts you. Developed in partnership with leading cyber risk management specialists, Barbican Cyber OSA offers a series of ‘value adds’, at no additional cost, to help assess and improve your cyber resilience.
Let’s start with the reconnaissanceNo organisation’s network is fully breach proof. But there’s no excuse for making it easy for a data thief to access your information by leaving a cyber window open.
FICO Cyber Risk Score (CRS) Portrait puts you one step ahead of potential cyber attackers by conducting the same type of reconnaissance they do. From outside your network, the system scans the internet to identify your externally visible weak spots and red-flag indicators that could attract intruders and helping you shut any open windows.
Then there is your employee line of defenceThere is no point maintaining the highest levels of security, if someone unwittingly opens the data door by clicking a phishing email.
To tackle this, TSC Advantage, a global leader in enterprise risk and cybersecurity, conducts a series of controlled phishing simulation attacks on your company. That way you quickly get an understanding of just how ‘cyber conscious’ your staff really are, from the newest joiner to the longest standing senior executive. Then based on our findings we work to make your staff one of the strongest parts of your cyber defence.
And what if the attacker gets in? It’s safe to say that this will happen one day. And when it does, you need to be ready to switch instantly from defence to attack with a tested cyber incident response plan.
Our incident response training, provided by TSC Advantage, looks at how data intrusions are detected and how the incident sirens are triggered. We drill down into your incident response plans, putting them to the test against realistic scenarios and giving you clear guidance on how to get out of the blocks quickly when the alarm goes off.
ONESTEP
AHEAD
ONESTEPAHEAD
Barbican Cyber OSA - value adds for our cyber insureds
BARBICAN CYBER OSA
In a changing world, the wise stay one step ahead
Getting in frontNo organisation can afford to play data dumb. You know what data you have. You know what data they want. And you know what it means to your company and your customers if they get it. So, it’s up to you to make sure you stay One Step Ahead of any breach.
No organisation’s network is fully breach proof. But there is no excuse for making it easy for a potential intruder to access your data or your customers’ data by leaving a ‘cyber window’ open.
FICO Cyber Risk Score (CRS) Portrait helps ensure you are aware of any open windows in your cyber security. Our cyber risk quantification tool provides an easy yet highly effective way of keeping you one step ahead of a data thief.
Always under surveillanceFICO CRS Portrait turns the cyber tables in your favour by carrying out the same type of security reconnaissance on your organisation that any potential attacker would do.
Conducting continuous external scans, via the internet across your entire network, it identifies possible weak spots or red flag indicators in your cyber defences that could attract data intruders. Once detected, the system produces a series of clear, actionable insights to help you bolt shut those cyber windows.
Taking decisive action FICO CRS Portrait gives you an easy-to-interpret cyber security score rating. Based on the data generated by the external vulnerability scans, you will have a clear idea of just how soft or hard a data target your organisation is at that point in time. By being responsive to our cyber recommendations, you can immediately improve your cyber-security rating.
That rating not only helps you closely monitor the resilience of your cyber security, but also provides you with a standardised, trusted industry benchmark that demonstrates that resilience to your business partners, customers and shareholders.
Cyber Reconnaissance - a Barbican Cyber OSA ‘One Step Ahead’ value add
Some things are clearer when you are outside looking in
ONESTEP
AHEAD
FICO Cyber Risk Score Portrait ®
The next stepFICO CRS Portrait sits exactly where a potential cyber intruder sits – outside your network looking at the potential ways in.
That means there is no integration work or software to install, so benefitting from the cyber peace-of-mind it delivers could not be easier.
BARBICAN CYBER OSA
Most of us have a pretty good eye for detial – and that’s why most of us will spot the deliberate mistake in this sentence.
But would you spot the dash that should have been a dot in the email from your CFO that hits your inbox on the busiest day of the month demanding that you immediately explain the attached invoice? That might be the only clue you get that you are the target of a spear-phishing attack.
Bolting the data door Phishing attacks exploit a huge range of attack formats and strategies. In fact, they account for the vast majority of all network breaches. However, all attacks rely on one thing – your employees opening a data door.
Our phishing simulation training provided by TSC Advantage, a global leader in enterprise risk and cybersecurity, helps you keep your data doors locked and bolted.
Phishing aware That starts with measuring just how ‘phishing aware’ your staff currently are. To do that, we launch a series of controlled phishing and spear-phishing attacks across your employee email list to see how many click on the cyber bait.
Measuring click rates and staff reports of suspicious email activity provides you with an accurate awareness baseline. From there, we help boost that baseline by providing a comprehensive series of recommendations designed to turn your staff from being a potential phishing soft target into a solid part of your cyber defences.
Things aren’t always what they seem
ONESTEP
AHEAD
Phishing Simulation Training
BARBICAN CYBER OSA
Cyber Phishing Defence - a Barbican Cyber OSA ‘One Step Ahead’ value add
The next stepThe TSC Advantage team will work with you to design a series of phishing simulation attacks across a pre-identified list of your employees and can also conduct targeted spear-phishing strikes on specific individuals. Their highly skilled consultants are vastly experienced in conducting comprehensive phishing awareness programmes and will construct the training around the particular exposures faced by your organisation.
Liaising with your security experts, the team will deliver a detailed evaluation of the performance of your staff during the phishing exercise and develop a comprehensive programme of recommendations to help reduce your exposure to such attacks.
Your company is always under cyberattack – but you already know this. That’s why you have round-the-clock defences built to resist various types of cyber assault, from phishing and spear phishing to ransomware, malware and denial of access.
There’s a very good chance that these defences are standing firm. But cyber attackers are persistent, constantly probing for that tiny gap that lets them in – the out-of-date software, the upgrade that inadvertently shuts down your firewall, the member of staff in a rush who accidently clicks the wrong file.
Cyber intrusion support - from defence to response When the cyber attacker gets in, you need to be ready to switch instantly from defence to response with a tested cyber incident response plan – and that is precisely what our training aims to do.
Switching to response TSC Advantage, a global leader in enterprise risk and cybersecurity, provides incident response training that meticulously tests every stage in your incident response process.
No matter what the cyberattack, the core components of your plan remain the same. We’ll help ensure that you are quickly able to establish:
where you have been breached and how you can resolve this
which data and systems have been compromised and whether the attacker is still inside your network
how the breach happened and how to prevent it happening again
what you need to tell the authorities and affected clients (generally within a very short time period after discovering the breach)
Designed to make your organisation cyber ready, our training will enable you to manage an incident quickly, limit any damage, reduce your recovery time and help you maintain the customer trust you have worked so hard to build
It’s how you respond that’s important
ONESTEP
AHEAD
Incident Response Training
BARBICAN CYBER OSA
Cyber Intrusion Response - a Barbican Cyber OSA ‘One Step Ahead’ value add
The next stepOur training begins with a detailed review of your current incident response policies and procedures.
Then it’s time to put those plans to the test. A four-hour incident response tabletop exercise – conducted either on-site or remotely – will assess whether your response strategy is cyber resilient by testing it against the breach scenarios you have mapped out, as well as some you may not have considered.
Incident Response Training
Barbican Cyber OSA - value adds for our cyber insureds
Barbican Cyber OSA currently offers three value adds to bolster critical aspects of your cyber security strategy: cyber threat reconnaissance; cyber phishing defence; and cyber intrusion response.
For every $15,000 in net premium with Barbican you can choose one value add; spend over $30,000 you can choose two value adds, spend over $45,000 and get all three.
CYBER RECONNAISSANCEFICO Cyber Risk Score (CRS) Portrait Identifying externally visible weak spots and red flag indicators that could attract system intruders. Providing clear actionable insights on how to improve your cyber posture.
Indicative Market Value
$10,000-$50,000
CYBER PHISHING DEFENCETSC Advantage Phishing Simulation Controlled phishing and spear-phishing attacks to see how many employees click on the cyber bait. Providing recommendations on improving attack resilience.
$10,000-$15,000
CYBER INTRUSION RESPONSETCS Advantage Incident Response Exercises Combining table-top incident response exercises and in depth documentation review. Providing a detailed evaluation report on how to improve your cyber intrusion response.
$10,000-$15,000
* Conditions FICO Cyber Risk Score Portrait is available at no additional cost to the vast majority of Barbican’s insureds. The very few who do not qualify will receive a $1,500 discount
against the cost of a FICO CRS portrait licence.
Barbican insureds whose net premium spend is below the minimum amount to qualify for a free value add are still entitled to a $1,500 discount on any of the above services.
ONESTEP
AHEAD
The Value Adds
BARBICAN CYBER OSA
ONESTEP
AHEAD
ONESTEP
AHEAD
For further information on TSC Advantage please contact:
For further information on Barbican’s cyber insurance offering please contact:
For further information on FICO please contact:
FICO Cyber Risk Score Portrait is a cyber risk quantification tool that provides a stable, long-term score rating of the insured’s network security risk, helping them understand where their systems are exposed and how they can proactively strengthen their defences. Combining predictive analytics and a deep database of historical cyber information, insureds are provided with clear actionable insights, that include NIST guidance references, to improve their cyber defences and protect themselves against emerging threats.
TSC Advantage is a leader in enterprise security assessments, cybersecurity consulting, and managed security services. Since 2006, numerous federal agencies and commercial clients have relied on its expert advisors to solve evolving cybersecurity challenges, reduce vulnerabilities and lower cyber insurance premiums.
Barbican Insurance Group underwrites business predominantly through our syndicates at Lloyd’s. Delivering a first class insurance underwriting and claims service, providing innovative and bespoke solutions, whatever the complexity of your risk. Barbican’s lines of business include cyber, marine, aviation and transport re/insurance, property re/insurance, energy and specialty lines.
Will DurkeeCISSP, ITPM Director, Security Solutions
T 202-629-1960 x 342 E [email protected]
Graeme King Business Group Leader, Cyber
T 020 7082 1808 E [email protected]
Kimberley ManibusanDirector, Cyber Insurance Solutions
T +1 310 480 1836 E [email protected]
Find out moreBarbican Cyber OSA
To find out more about how Barbican’s Cyber OSA ‘One Step Ahead’ programme can help you stay in data control, please talk to your insurance broker.
