Digital Risk: Enterprises Need More Than Cyber Insurance
Threatonomics

Breach and Attack Simulations: A Proactive Approach to Loss Prevention 

These simple but informative tests are like having a pen tester in your back pocket.

by Justin shattuck , Chief Information Security Officer
Published

Today’s CISOs and risk managers need to see around corners to proactively reduce risks before they turn into losses. Increasingly, CISOs also answer directly to the board of directors. No matter how tight you think your controls are or how big your budget is, I promise you things are happening in your environment that you do not know about. 

After decades as a network and security engineer and helping clients at Resilience, I know that we cannot help clients avoid all threats, but we can make them resilient to material losses.  Unlike legacy insurance providers, we provide clients with cyber insurance and a security solution that uses real loss data and data collected through our engagements to help you make better decisions about reducing cyber risk. 

We do this through continuous engagement with our clients. Rather than checking in with you once a year with a huge questionnaire, we engage with our clients more frequently to better understand their environment and give them ongoing actionable insights they can use to improve their risk posture. 

And now, with the latest release of our Essential Solution for loss prevention and our Edge Solutions for cyber risk management, we are introducing Breach & Attack Simulations and our Cyber Risk Profile Builder to help organizations take a proactive stance on risk management.  

Breach & Attack Simulation is a simple way to gather vital information to improve your cyber resilience. You can easily run a realistic simulation of the threat actors’ tactics, techniques, and procedures (TTPs)  within your environment(s) securely to assess your internal security processes, test and validate your existing controls, identify misconfigurations, and further refine improvements to your security program. 

Every team I have worked with has learned something new through the process. It’s like running a free tabletop exercise as existing controls and processes are tested, providing an opportunity to review and understand if your program is performing as expected.

One Resilience client found that their firewall configuration was leaving assets exposed to the internet; another found an obfuscated variant of Mimikatz in their environment that Microsoft Defender had not discovered despite its known availability to threat actors. 

Yet another client was unaware that their EDR was misconfigured for a subset of their endpoints. However, they identified it by conducting proactive tests in their environment. These kinds of issues are not uncommon, but they may not be captured by systems or testing.

More about Breach and Attack Simulation (BAS)

Resilience Breach and Attack Simulations (BAS), powered by AttackIQ, are a proactive approach to cybersecurity assessment that involves simulating real-world cyber attacks to identify vulnerabilities and weaknesses in an organization’s defenses. Unlike traditional security assessments, BAS goes beyond theoretical evaluations by replicating the TTPs used by actual threat actors. By doing so, BAS provides valuable insights into an organization’s security posture and helps identify areas for improvement. 

Our BAS testing includes:

  • Baseline Tests validate the effectiveness of clients’ security controls against modern malicious tactics. Our Essential Solution provides access to up to four (4) security baseline tests to assess controls against modern threats.  These tests do not require elevated privileges and run within an isolated environment that is removed at the conclusion of the test:
    • Content Filter: The Content Filtering test suite includes scenarios designed to assess the effectiveness of security technologies responsible for inspecting web-based traffic originating from the internal network. 
    • Endpoint Antivirus: This assessment package includes a selection of scenarios designed to test anti-virus (AV) efficacy with common ransomware, malware, and virus samples. It also includes “hacker tools,” which commonly evade AV detection.
    • Endpoint EDR: Scenarios included in the EDR test suite include adversarial behaviors specifically designed to elicit a response from a behavior-based endpoint protection technology. 
    • NextGen Firewall: This assessment evaluates the NGFW’s ability to prevent breaches and detect advanced threats, provide comprehensive network visibility and contextual awareness, and enable secure networking and convergence.

By integrating BAS testing into our risk quantification models, we provide clients with a comprehensive approach to cybersecurity risk management that empowers them to strengthen their defenses, mitigate vulnerabilities, and minimize the impact of cyber threats on their operations.

Learn more about Breach and Attack Simulation 

Breach and Attack Simulations (BAS) are a valuable tool for cyber insurance professionals looking to enhance their clients’ cybersecurity resilience. Incorporating BAS into service offerings enables more precise risk assessments, promotes proactive loss prevention measures, and helps clients gain a competitive advantage in the market. 

To learn more about BAS and all the new feature updates for the Resilience Essential and Edge Solutions, sign up for our free webinar today.

About the Author
Justin shattuck , Chief Information Security Officer

You might also like

third-party cyber risk management

New Frontier: Cyber Risk Mitigation with Superforecasting

You’re a CISO, bombarded from all sides. New vulnerabilities emerge daily, vendors tout countless security solutions, and your inbox overflows with security alerts. Your skilled analysts are stretched thin, struggling to keep pace with the ever-evolving threat landscape. How do you make sense of it all? How do you prioritize investments, allocate resources, and make […]

third-party cyber risk management

Cybersecurity Essentials: The Role of Vulnerability Management in Building Cyber Resilient IT Systems

Navigating the complexities of cybersecurity requires a strategic approach to mitigate risks and safeguard IT systems. Central to this approach is vulnerability management, a systematic process that identifies, assesses, and prioritizes vulnerabilities within organizations’ infrastructure. Understanding what vulnerability management entails and how it contributes to preemptive cyber defense is critical.  According to a recent report […]

third-party cyber risk management

Mastering Cybersecurity Risk Metrics: A New Way to Think About Cyber Risk

Digital threats are not just possibilities but inevitabilities; understanding and calculating cyber risk is more than a precaution – it’s a necessity. Understanding cybersecurity metrics is essential to safeguarding and improving business operations. Calculating cyber risks simplifies complex issues and empowers professionals to communicate them clearly to improve their organization’s digital security. This requires a […]

third-party cyber risk management

Evolving Cybersecurity: From Risk Management to Cyber Resilience

With an astonishing 95% of cybersecurity breaches attributed to human error, organizations must educate, train, and implement a security foundation for all employees. This staggering statistic highlights the vulnerability of humans within digital infrastructures and underscores the importance of building a security-forward mindset into the culture of resilient businesses.   As cyber threats continue to lead […]

third-party cyber risk management

Counting the Cost: Understanding the Financial Risk of Cybersecurity Breaches

Cybersecurity breaches stand as a relentless challenge for organizations worldwide, causing substantial financial repercussions. As cyber threats advance in complexity, the economic impact on businesses intensifies, affecting everything from upfront costs to sustained financial health.  A thorough investigation into the financial risks posed by cybersecurity breaches reveals the breadth of direct and indirect expenses that […]

third-party cyber risk management

Rewriting the Rules of Cyber Security Risks: Part II

Building Cyber Resilience requires a new approach to assessing, measuring, and managing risk. Traditional thinking from both the security and insurance sectors views risk management in binary silos that either stop an attack or fail to prevent loss. However, the truth is that cyber security risk is significantly more complex. Being resilient to cyber security […]