The Importance of Cybersecurity Insurance

The purpose of Cyber Insurance is to mitigate losses from a variety of cyber incidents such as data breaches, business interruption and network damage. Instituting a Cyber Insurance program could help reduce the number of successful cyber attacks by promoting the implementation of preventative measures and promoting best practices based on the current level of self-protection.

Many companies, however, choose to forgo Cyber Insurance policies, citing the perceived high cost of those policies, confusion about what they cover and uncertainty about whether their organization will suffer a cyber attack. As reported daily in news around the world, cyber attacks are a very real and ever-growing threat. Cyber Risk must be managed not only by implementing a strong cyber security program, but also by acquiring a cyber insurance policy to further protect your organization from the cost of losses due to a cyber breach.

Traditional commercial general liability and property insurance policies typically exclude cyber risks from their terms, leading to the emergence of cybersecurity insurance as a “stand alone” line of coverage. That coverage provides protection against a wide range of cyber incident losses that businesses may suffer directly or cause to others, including costs arising from data destruction and/or theft, extortion demands, hacking, denial of service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud, and privacy violations.

The development of new cyber risk scenarios, models and simulations could help promote a further understanding of how a cyber attack can cross infrastructure sectors and where opportunities for risk mitigations might exist.

Protecting yourself and your organization has never been more important and as system breaches are reported daily, urgency is of the essence.

For more information on Cino Ltd’s Cyber Security and Cyber Insurance programs, call us at 516.932.0317 ext 312 or email us at info@cinoltd.com.

Cino Security Presenting at 89th CMAA World Conference Expo in San Diego

Cino Ltd. is proud to announce that we will be presenting at the 89th CMAA World Conference Expo in San Diego on February 25, 2016. This is an exclusive opportunity to hear from our Cyber Risk and Compliance Specialist, Fred J. Santarsiere.

 

About Fred:

Fred has over 22 years of information security experience and holds a large array of industry security and technical certifications. He has extensive experience in system auditing and is often consulted in the areas of security infrastructure remediation, penetration testing, IT governance, risk management, disaster recovery and information security and compliance within the Hospitality industry.

 


Fred also leads Cino Ltd.’s Incident Response Teams (IRT), which includes the Cyber Forensics Investigations Division. His expertise is frequently sought after by the military to serve as an instructor of the NIST Risk Management Framework, CISSP, CEH and CHFI (Computer Hacking Forensics Investigator) courses.

Fred has also served as an NYPD officer and U.S. Army Special Operations team member. He has extensive knowledge of HIPAA and PCI-DSS compliance and the ISO 27001 standard.

His certifications include:

  • CHFI – Computer Hacking Forensics Investigator
  • CISA – Certified Information Systems Auditor
  • CAP – Certified Authorization Professional
  • SSCP – Systems Security Certified Practitioner
  • CISSP – Certified Information Systems Security Professional
  • CEH – Certified Ethical Hacker
  • CISM – Certified Information System Manager
  • Various Microsoft Certifications: MCSA, MCSE, MCITP and MCT
  • Various Cisco Certifications: CCENT, CCNA and CCNA Wireless
  • Various CompTIA Certifications: A+, Net+, Security+, SMBEN and SMBAN

For more information regarding Fred and/or his presentations, please contact Diana Samudio at 516.932.0317 ext 308 or email her at dsamudio@cinoltd.com.

10 Tips to Protect Your Organization from Cyber Breaches in 2016

As we begin 2016, many businesses and organizations are taking what they’ve learned in 2015 and developing strategies to ensure that 2016 is just as, if not more, successful. One important thing to remember while planning ahead, aside from increasing the bottom line, is to include Cyber Security best-practice resolutions.

A major lesson learned in 2015 is that hackers and identity thieves are not only growing in number, but they are growing more emboldened with each successful breach and show no signs of slowing down in 2016.

For this reason a culture of Cyber Security is essential in every business, especially small to medium-sized businesses. Employees and customers alike should be educated on existing threats, particularly those they are exposed to, as well as how to protect themselves from a breach.

Here are 10 tips to help protect yourself and your business in 2016:

1) Create or update your information security and governance policy.

2) Update and test your plan annually. Include penetration testing, along with a simulated data breach event.

3) Annual employee education should be the number 1 priority. Individuals, not hackers, are the cause of most data breaches.

4) Define the proprietary/sensitive information for your business, confirm which employees need access to it and then train those employees on it.

5) Use at least 14-character passwords including lower and uppercase letters, numbers and signs. Change your passwords every 90 days. A great password tip is to write an easy-to-remember sentence or phrase.

6) Complete regular software updates and patches. Most hacking events leverage old flaws that have already been addressed, but for which the proper patches have not been applied.

7) Emphasize the importance of protecting employees and customers when connecting to the Internet. Do not use public wi-fi except with encryption or over a VPN.

8) Know about and understand state and federal breach notification laws, which can significantly impact your business.

 

For information on developing a Cyber Security Program for yourself or your business visit our Cyber Security page or contact us at 516.932.0317 ext 312.