Coalition cyber insurance: We need all of your business domains to protect them
All businesses take steps to ensure their locations remain secure and operational. One of the steps you might take is to install a security system to monitor attempts to access the premises after hours, alert you to fires, etc. You may also contract with a security company to monitor alerts for you. What if you didn’t tell the security company about a location you depend on to generate a large percentage of your production? As a result, they cannot monitor this location, and if there is a break-in resulting in damage, it could lead to a significant business income loss and property damage.
Like property insurers, Coalition gathers all necessary “property” data to holistically assess an insured’s cyber risk. For example, this includes all the domains you use for your business, not just the public-facing websites, but domains used for your email or internal networks as well.
When applying for insurance for your physical office space, a property insurance underwriter will ask you for all of your business locations, including factories and warehouses, as well as details about those locations. When a property insurer looks at your physical locations, they look at a building’s construction (bricks and sticks), sprinklers, whether you are located in a flood or earthquake zone, etc. This additional information allows the insurer to underwrite and make recommendations to reduce your risk (firewalls were a construction technique long before they were a thing in IT).
Coalition asks for a complete list of your business’s domains because we need to assess the cyber risk of more than just your public-facing website. We need to look at your organization’s risk as a whole, and we need to do it entirely from the outside, just like a would-be attacker.
Identifying your business’s entry points
All of a company’s online assets can be entry points into their system. These assets include all domains, subdomains, and IP addresses.
Sometimes firms without a public-facing website feel safe from cyber threats. However, these firms use other online assets, including email. There is a lot of data on email servers, and they may also house other vulnerable services, such as remote connection tools like Microsoft Remote Desktop Protocol (RDP). As a result, a business can be vulnerable to threat actors via its email domain even without a website.
With a complete and accurate picture of your organization’s assets, we can discover what open ports your organization has, what technologies you use, and what security misconfigurations or vulnerabilities exist on your assets.
Assessing your online locations for vulnerabilities
Coalition generates billions of scanning events every month and analyzes thousands of companies and their assets. Our goal is to look at the parts of your network exposed to the internet the same way an attacker would. By scanning entirely from the outside, we can provide you with real, actionable feedback about your cyber risk. We do this upfront for prospective clients and continuously for our policyholders.
We take extreme care in categorizing the different security issues and presenting clients with a risk score. For example, an organization with a critical risk score (between 91 and 100) has one or more vulnerabilities through which an attacker would be able to access either the data or the assets of that organization unless the risk is remediated and authentication, such as multi-factor authentication (MFA), is required to access the network.
Our ability to do this depends on having a complete list of your domains; we can only provide feedback on the networks we know you own. Our claims team has seen policyholders with vulnerabilities that we could have alerted them to, and that could have been addressed before an attacker exploited them, had we known all of the organization’s assets upfront.
Policyholders can take control
Coalition also offers policyholders means to address and mitigate their risk score with Coalition Control, our software-as-a-service platform with attack surface monitoring. All Coalition policyholders have access to Coalition Control with extended attack surface monitoring included free.
Coalition Control allows your organization to add multiple third parties, vendors, suppliers, and other partners whose systems may be integrated with or touch yours to a monitoring watchlist. Also inside the Coalition Control ecosystem is information about all of our cybersecurity solutions partners.
The good news continues: once you are a policyholder, there is no impact on coverage for the rest of the policy period if we notify you of a new vulnerability. Coalition believes in helping policyholders address their risks upfront. We all benefit from mitigating risk before an attacker uses it to exploit and compromise your system.
Cyber risk is complex, but that doesn’t mean we can’t solve it
By now, cyber risk is part of the cost of doing business, but managing risk and acquiring cybersecurity insurance doesn’t have to be complicated or intimidating. Coalition believes in helping policyholders manage their risk, and one of our biggest differentiators is our internal feedback loop. We deal with our policyholders end-to-end on their cybersecurity journey.
We know that working closely with our policyholders won’t prevent all claims — that’s what insurance is for, after all. But we also know that in partnership with our policyholders and insurance brokers, we can reduce both the frequency and severity of claims, which benefits us all.