The benefits of ‘meaningful’ cyber insights – Coalition

As digital risk has evolved, so has cyber insurance. However, many commercial brokers are not cyber specialists, so advising on cyber risk can be a challenge. That’s why looking to work with cyber insurance providers who can help them stay on top of the changing cyber risk landscape is crucial.

By providing meaningful cyber insights throughout the lifecycle of a client’s policy, brokers can establish themselves as a quintessential resource, regardless of whether they are cyber specialists or commercial generalists.

Active monitoring and alerting

While many cyber insurers use risk assessments during the quoting and binding process to determine clients’ current and potential future risk levels, this is not enough to keep pace with how quickly threat actors evolve. Organisations need to be able to see their attack surface as an attacker does. They need to understand their risk continuously, as attackers search for exploitable cracks in their security defences.

With active alerts, brokers can help their clients stay on top of new vulnerabilities. According to Coalition’s claims data, policyholders with even one unresolved critical security finding were 33% more likely to experience a claim.

In the last two years, Coalition delivered nearly 55,000 active alerts of critical vulnerabilities to its policyholders through its cyber risk management platform, Coalition Control. To fix the issues, Coalition sent security recommendations and self-service resolution methods with on-demand access to its security team. As a direct result, Coalition observed a 43% reduction in policyholders with critical vulnerabilities.

This active approach to monitoring, alerting and remediation has helped Coalition policyholders experience 64% fewer claims than the broader industry in 2022.

Continuous threat intelligence

Threat intelligence doesn’t stop at notifying policyholders about active issues. Brokers should look for insurers that track new cyber attack methods. Coalition’s research team Security Labs uses data insights to identify emerging threats. For example, cybercriminals are increasingly turning to generative AI writing tools to create credible phishing emails, texts and videos in multiple languages, enabling attacks en masse and at scale.

Claims and incident response teams also play a role in increasing understanding of cyber threats. Coalition Incident Response recently observed an increase in multi-factor authentication (MFA) spamming attacks leading to claims. In this attack type, threat actors overwhelm employees with nonstop authentication requests. As a result, users may accidentally accept a request or accept out of frustration, granting threat actors access to their systems.

Managing risk from third-party vendors

Most organisations partner with third-party vendors to provide valuable services. These vendors often have access to clients’ networks and are trusted sources of links, files and other attachments, making them ripe targets for cybercriminals.

Educating clients about the cyber risks they take on due to their relationships with third parties and helping them manage it is also a critical role for brokers. Most risk assessment tools only look into the insured’s risk profile, however, more sophisticated cyber risk management platforms will also allow a continual review of third-party vendors. Coalition Control includes this service.

Ultimately, Coalition holds a mirror up to an organisation’s network to visualise what it looks like from an attacker’s perspective, including exposed vulnerabilities, third-party risk and more. With an ongoing insight into cyber risk and the right support and guidance, brokers are better positioned to help clients continuously reduce their cyber risk.