
                                      Message to the Private Sector: Harden Your Cyber Defenses Immediately

                                      Now that the rapid response dust has settled, I wanted to comment on the Statement by President Biden on our Nation’s Cybersecurity.

                                      In a statement from the White House at the beginning of this week, President Biden echoed a message from the US federal government to the private sector that has been growing in volume and urgency for years: critical infrastructure must “harden your cyber defenses immediately.” You can read it here, and no, there are no surprises.

                                      We heard a similar message from AXA XL and Munich Re two weeks ago. The reality is that the private sector, especially organizations and companies affiliated with critical infrastructure, is over-exposed to cyber risk. This clearly leaves insurance underwriters, economies, and nations exposed to risk in general. I believe the financial losses suffered by cyber insurers and (re)insurers over the last two years are an unfortunate, but much less severe, indicator of what could be, when compared to cyber-attacks arising from geo-political conflicts such as the Russian-Ukrainian conflict (which was the obvious impetus behind the White House statement this Monday). See our conversation on this topic at the DeNexus and ForeScout webinar on day 1 of this event.

                                      So, what do we do with this information?

                                      Well, nothing or everything. In the end, this statement was another plea, and a loud one: a plea to do what the United States has been warning the industrialized world to do for a long time, beginning with the Obama Administration, then under the Trump Administration and again under the Biden Administration. Recent advancements in cybersecurity guidance from NIST and the MITRE ATT&CK Framework are thankfully providing much-needed direction for cybersecurity leaders managing critical infrastructure and IT enterprise networks. The recent tensions between Russia and much of the world due to its invasion of Ukraine have only placed an exclamation mark behind the following:

                                      • Patch Often: Seek maximum device visibility and policy management capability so that you can patch carefully in the OT environment. Patch the perimeter quickly and the inside carefully.
                                      • Calculate your cyber risk exposure: If you cannot calculate your cyber risk, focus on doing so immediately based on FAIR™ (Factor Analysis of Information Risk). Doing so will guide cybersecurity investments when CISOs are fighting for budget, and it will align with the insurance strategy to transfer risk.
                                      • Use Frameworks: Adhere to the NIST CSF and MITRE ATT&CK frameworks as guidance in threat protection, detection and response actions.
