Risk Management: Do You Need Cybersecurity Insurance?
Having cybersecurity insurance is becoming common with many companies. Recently, the co-founder of ReFirm Labs, Terry Dunlap, sat down with American Express and shared his thoughts about the new trend.
During the meeting with American Express, Terry discussed who he believed needs cybersecurity insurance the most, why they need it, and in what ways it can be beneficial for companies to have.
Insurance Can Provide Peace of Mind
Purchasing any type of insurance helps companies to pay for damages that are caused to themselves or to customers. However, cybersecurity insurance is vital if any damages are acquired due to a data breach.
Information that any company stores have the chance of being stolen or accessed by hackers. Terry explained that there are many pros and cons to having third-party insurance and it typically comes down to the company, size, and how much information is being held.
Cybersecurity Insurance is a Great Safeguard
Cyber intrusions are a continual threat and are something that business executives have to be vigilant about and never ignore. Sadly, many do ignore the possible threat and can fall victim to hackers or sensitive data being accessed before they know it. These cyber-attacks can rack up a billion-dollar price-tag in no time.
“The attacker typically goes after the low-hanging fruit, and unfortunately that’s small and medium-sized businesses," says Dunlap, who co-founded ReFirm Labs, a company whose platform monitors firmware of embedded devices, and is also the founder of Tactical Network Solutions, which does tactical work for clients like the U.S. military.
Why Should Companies Have Cybersecurity Insurance?
The quick answer? It’s a good risk-management strategy. By having insurance it takes the financial burden and worry away from the insured and lets the insurer handle these aspects.
Although first-party insurance will cover some damages and costs that a cybersecurity breach can bring, however, third-party insurance can help with other expenses such as reputation management, credit monitoring (for those affected) and legal defense, just to name a few things.
What Does It Really Do?
Although it does cover expenses from a cyber attack and breach, the biggest thing that insurance does is that it encourages companies to boost their cybersecurity practices and ensure information is secure.
Each Country’s Insurance Will Be Different
When getting cybersecurity insurance it’s important to keep in mind that insurance in the USA and Europe are different, with the United States being more mature in handling security issues.
If you have more questions about cybersecurity insurance, please contact us and we can help guide you in making the best decisions for your company, security needs, and insurance that can protect if the worst happens. Contact us, here!
Part 4 of our series on firmware security analysis focuses on how to exploit the vulnerability Evan discovered in his analysis of the camera firmware.
Source code analysis produces a large amount of “false positive” results, which is one of the biggest complaints we hear against source code analyzers.
In part two of our firmware analysis, we discovered a potential overflow in the administration server, alphapd. It appears if you send a long string in the WEPEncryption field to wireless.htm, it can cause a buffer overflow.