Breaking the Silos Between Insurance and Security Helps Avoid Costly Mistakes
A mid-market manufacturer of construction materials was in the process of increasing their security controls and addressing their operational technology risk exposure from their manufacturing equipment. They qualified for strong coverage at application. However, because of miscommunications between their in-house security and risk manager, coverage terms were reconsidered as the controls stated on their application were not fully deployed.
Because security controls were not in place upon application, this created the potential for limited extortion sub-limit, retention, and high waiting hours. Resilience’s underwriting team determined that if Resilience could confirm these controls were being deployed, then terms on extortion could be relaxed. We needed to quickly build an actionable cyber hygiene plan to implement the security tools represented on their application.
The client signed up for our Edge solution to enlist the help of our security team in completing the deployment of multi-factor authentication MFA and OT network monitoring. After making these changes, our security team was able to prove to our underwriters the client was making tangible progress toward implementing the critical controls that were missing during their application.
Our security team worked with the client to ensure the successful rollout of their MFA and OT network monitoring. We helped their team address critical external vulnerabilities, increase vulnerability management posture, and implement best practices for email security. During their first quarter, our security operations team held monthly meetings with their board, with quarterly meetings moving forward. This client proved that becoming cyber resilient is a journey, and getting help from experts can expedite the process.