Resilience’s NetDiligence Beverly Hills 2023 Recap

Five Events from NetDiligence, Beverly Hills.

by Davis Hake , Co-Founder & VP of Communications

NetDiligence’s Cyber Risk Summits have become a staple of networking and mindshare for the entire cyber insurance industry. This year, Resilience led over a half dozen of our own events to share research on changing cybercrime trends, rising threats to and from third-party vendors, and how new GenAI-based strategies could be leveraged by cybercriminals.

Breach Breakfast by Resilience, Tom Egglestone, Head of Global Claims, Resilience; Aaron Sherman, Coveware; Davis Hake, Co-Founder, Resilience.

Launching their Mid-Year 2023 Claims Report, Resilience held an intimate breakfast discussion with incident response and law firm partners the first morning of the conference. Tom provided an overview of the report’s findings showing that while ransomware trends showed 2023 on track to be a record-breaking year for cybercrime, fewer and fewer companies were making extortion payments to resolve an incident. This data was correlated by Aaron Sherman, representing the work Coveware has done tracking the ransomware market on a monthly basis. Aaron also provided a first-hand account of what it was like negotiating with ransomware criminals and ideas on how generative AI would help increase the ability of fraudsters to social engineer victim companies. 

Cyber Resilience Workshop by Resilience, Si West, Director of Customer Engagement, Resilience.

Resilience hosted a number of broker partners for an in-depth discussion on what exactly cyber resilience meant, and how it could be put into practice with live scenarios. The concept of cyber resilience involves understanding an organization’s cyber value-at-risk from a financial perspective, and working to prioritize cybersecurity investments that allow the organization to take a hit and continue operating. Si walked through a preview of a new blueprint for how Resilience is working with its clients and then led a tabletop breach scenario so that brokers can see firsthand how he and his team work with clients 1 on 1. Some Resilience team members, like CEO  Vishaal “V8” Hariprasad and SVP of Product Kurt Van Etten dusted off their cyber skills to join in with the brokers for a great afternoon session. 

Risks of Doing Business with Unsecured Third Parties Panel, Stu Panensky (M), FisherBroyles, LLP; Ryan Coyne, Experian; Tom Egglestone, Resilience; Mark Grazman, Fenix24; Matthew Saidel, FTI Consulting. 

Tom Egglestone joined a senior panel of legal and incident response experts to discuss how insurers have been reacting to an increase in attacks against clients through trusted third-party vendors. While outsourcing any business function inherently leads to more risk, companies face ever-growing pressures to support remote working or improve productivity. Incidents like the MOVEit attacks are having ripple effects across insure’s’ claims portfolios as they see second and third-party victims from the attacks. Handling these cases also presents some different hurdles for incident response and claims teams to clear. The panel discussed how establishing responsibility for who is handling the incident early on is vital, the vendor or the victim. They also left two key bits of advice. First, look beyond your organization’s borders. Ultimately, we all exist in an ecosystem where our clients are both users and suppliers of IT services. Guidance to clients should account for their position in the supply chain, as well as vendors within their own supply chain, as part of a holistic approach to cyber risk management. Second, organizations should move away from static approaches to vendor risk management. Current approaches see heavy investment in due diligence and recertification stages. Just like other areas of cyber risk, constant adaptation and monitoring is key to ensuring you’re resilient to reasonably plausible losses.

Hacker Salon by Resilience, Justin Shattuck, CISO, Resilience. 

In a standing-room-only event, Resilience CISO Justin Shattuck walked broker partners through a hands-on hacking lab to demonstrate techniques and tactics used by cybercriminals against their clients. The class of insurance brokers took on the role of “initial access brokers,” threat actors who conduct recon to gain access into enterprise networks. Looking at cyber risk from this POV, they learned the basics of cybercrime economics, the Lockheed Martin Cyber Kill Chain, and how criminal organizations are structured. Justin then led the class through how criminals select targets and gather open-source intelligence, then leveraged ChatGPT to build sophisticated spearphishing lures based on the gathered intelligence. Ultimately, these labs are designed to help brokers better understand the technical side of their clients’ cyber exposure and how to help make them harder targets for cybercriminals. 

Recharge Wellness Series by Resilience, Ingrid Smith, Director of Marketing; MaryKate Broderick, Assistance Marketing Manager, Resilience. 

While everyone was busy empowering their brains, the Resilience team and guests also took the opportunity to recharge their bodies and spirits, with a series of events every morning of the conference. Starting with a rooftop spin session on Monday, early risers were treated to a relaxing hour-long yoga session on Tuesday, and an intense boot camp to round out the week on Wednesday. A fresh juice bar awaited the participants to help shake off the conference cobwebs and start their days strong. 

Along with Resilience’s yearly reception party, it was a packed week at NetDiligence. If your organization is interested in learning more about cybercrime trends or getting hands-on experience with Resilience security experts, please reach out to our team at We’ll see you next year in Miami for NetDiligence, Florida!

You might also like

Building The Cyber Resilient Organization

In this article, we expound on the fundamental tenets of a cyber-resilient system. Those tenets distinguish it from mere cybersecurity.  And it is from these tenets (or truths) that the cyber resilient organization operates.

Resilience: the Cyber Risk Partner for the AWS Cloud

As partners with AWS, Resilience now has the capability to integrate our services with our customers’ cloud environment by way of AWS Security Hub. Through this integration, Resilience security experts can provide an enhanced level of visibility into our clients’ cloud security and actionable recommendations on how to improve their cloud security posture. These capabilities enable our clients to take timely actions to reduce their risk exposure and work toward higher cloud security maturity. 

Cybercrime Takes No Vacations

To help organizations keep their networks safe while enjoying the holiday season, Resilience has compiled this list of traditionally seasonal cybersecurity challenges and corresponding strategies to avoid them. 

Resilience at the World Economic Forum

Resilience CEO and Co-Founder Vishaal “V8” Hariprasad participated in the World Economic Forum’s Annual Meeting on Cybersecurity in Geneva, Switzerland. Hariprasad discussed the trends that are shaping the future of risk in cybersecurity.

From Military Service to Cybersecurity Experts

In today’s digital world, cyber risk is not just a threat to business operations but to entire countries. As the threat of cyber attacks grows in frequency and severity, the need for cybersecurity professionals who can understand and manage this risk grows in tandem.  

Why Enterprises Need More Than Insurance

The Resilience Solution contains security visibility, cyber risk quantification, and insurance working together in an integrated manner. This approach helps clients deal with cyber as both a technical and a financial challenge.