New cyber threats and how to inform your clients
Posted by Aaron Benderski on July, 2024 at 9:00 am
Hi everyone, I was recently wondering about the question of new threats, since the cyber risk landscape is changing all the time and new vulnerabilities appear on almost a daily basis.
When a new vulnerability emerges, how do you notify your clients about it? What is the most effective way to communicate?
@dara-gibson @J.R. @Tom @ferdinand-rendl @valerie-jordan would love to hear your thoughts
Ferdinand Rendl replied 4 months, 1 week ago 4 Members · 5 Replies -
5 Replies
-
Unfortunately, we find out about breaches through media, news posts, and social media. Carriers are reluctant to let us know – looks bad on them. I think it would be a great idea to add a section to the dashboard that has cyber alerts and what the breach was. This would be a great place for all of us to go to find out what is happening and what we need to tell our clients.
-
That’s a great idea! In fact, this is what our ‘Newsroom’ discussion broadcast channel is for!
-
-
I share emergency threat intelligence with my clients as soon as my analysts are aware of it. I also publish threat intelligence weekly to the vendor partners I work with. It is important that people are on threat intelligence feeds sponsored by local government agencies.
-
So in your experience, what is the best/most effective method to disseminate this information?
-
-
Hi everybody and sorry for my late reply. I was on a business trip and my signal wasn't sufficient.
From a carrier perspective it is very interesting to read the other posts regarding this topic. Of course, my feedback on this is not an official statement of my company, but it represents kind of our approach.
I would like to split threats into two parts:
1. Critical failures in IT which can result in a cyber incident
We decided not to share each and every piece of information about weaknesses in IT systems. We developed a process to rate critical weaknesses we become aware of. For example, the CVSS rating must be 9 or 10. Furthermore, we only inform our customers if there is a hotfix available or any other mitigation action required. We want to avoid the situation that the clients receive alerts from us without any benefit. That would lead to them not reading our emails next time. We also don't send alerts if there have been official warnings by official institutions like BSI in Germany or NIST.
2. Threats to be considered in daily work
Our local underwriters are assessing and discussing the risk in detail. Based on that, the coverage is designed. Our risk assessment process is updated regularly by our dedicated risk engineering department. They are split into the tech team (technical assessment of the risk) and the service team. The service team develops and offers services to improve the risk maturity of our clients, e.g. awareness trainings or implementation of MFA. The offered services are extended regularly if a new cyber threat is recognized.
As I'm not a native English speaker, I hope the above comments make sense for you and maybe provide some ideas to adapt.
I think the benefit of posting recent threats or weaknesses in the community only makes sense if the information also includes additional information, like “why is it” or “how to avoid” or “how to close the gap”. Just sharing that there is a weakness or gap is no benefit in my eyes, because you have a huge overload of this information in hundreds of newsletters …
Kind regards to everyone
Ferdinand