Creating a Simple Threat Information Sharing Policy to Achieve Baseline Compliance
Several clients of mine have asked about adopting a threat information sharing policy to move towards baseline compliance in the FFIEC Cybersecurity...
What does your cyber insurance policy cover?
When did you last compare it to your risk assessment to see if it is actually mitigating the risks like you've documented and reported to the board?
Has your cyber insurance policy been updated to address threats such as whaling, business email compromise, corporate account takeover, and ransomware (to only name a few)?
Do your acceptable use policies align with policy requirements? Do your employees actually follow those policies?
These are questions that come to mind when I think about cyber insurance coverage, and the risks associated with it when it's not reviewed with proper frequency and depth.
Help Net Security recently wrote an article discussing cyber insurance coverage or lack thereof, specifically, when it comes to email.
Even if you don't find the article that helpful, at least use it (and my questions above) as a starting point to do a review of your coverage for the various cyber threats that your institution faces.
Several clients of mine have asked about adopting a threat information sharing policy to move towards baseline compliance in the FFIEC Cybersecurity...
Lately, we've been running into cyber security programs and information security programs (ISP) that are elaborate, lengthy, complex, and written...
We all know email is the top attack vector for cybercriminals. But when you look at some of the statistics recently released by Palo Alto Networks,...