Three Steps to Lower Your Cyber Insurance Premium: A Customer Story

Three Steps to Lower Your Cyber Insurance Premium: A Customer Story

For the past 18 months, you and your team have worked diligently to improve cyber security at your financial services firm. Now, imagine the moment you open the evaluation letter from your cyber insurance carrier and read:

“After our risk assessment, we have downgraded your cyber security risk rating from yellow to green (the lowest risk level). Your insurance premium will be decreased to reflect the improved status of your security posture.”

This sliver of a story is the basic truth for one financial services company who partnered with Masergy to make improvements in their cyber security. When our client initiated the project, they had no idea that this would be the outcome.

Like many companies, the financial services IT team lacked sophisticated security expertise and struggled to prioritize security improvements. They were overwhelmed with day-to-day troubleshooting and ensuring enterprise system functionality. In this case, they were not adequately staffed to function as security operations, and yet, those responsibilities fell to them. That’s why they reached out to Masergy for help.

So, what specific approaches and tactics helped them downgrade their cyber insurance risk from yellow to green? Here’s an outline of our joint program and the three-step approach that worked for them.

1. Create a Strategic Security Improvement Plan

Deep risk analysis was a critical first step in designing an overall security roadmap. Here’s what the customized Masergy Virtual CISO program covered:

  • Mapped the IT landscape
  • Performed penetration tests, vulnerability scans
  • Evaluated all collected intelligence, assessing the maturity of the organization’s security program
  • Identified security inefficiencies and prioritized security gaps with the greatest impact for the least amount of effort
  • Created a list of improvement tasks and followed up on completion
  • Repeated security tests and continually refined plan--rinse and repeat
  • Attended regular meetings to evaluate the security impact of IT and business decisions
  • Attended Change Advisory Board meetings to provide added security focus
  • Responded to customer-vendor risk assessments

Key security improvements included:

  • Implementing two-factor authentication
  • Enabling detection and response capabilities within the internal network, giving security operations deep visibility into inside activity and suspicious lateral movement
  • Prioritizing security efforts that follow the Pareto Principle--20% of the work has 80% of the impact

2. Build a Comprehensive Security Ecosystem

The client needed an optimized combination of innovative technology, resilient processes, and expert security analysts all working together to provide superior coverage across the entire infrastructure--both on-premise and cloud.

Using the list below as a guide for complete coverage, we identified which critical elements the client was missing.

  • Network behavior analysis backed by machine learning
  • Network Visibility
  • Vulnerability scanning
  • Endpoint detection and response
  • CASB (cloud access security broker) and cloud security protections
  • SIEM
  • Next generation firewall
  • 24/7 SOC monitoring services by experienced analysts
  • Threat intelligence
  • Best practices in incident response strategies

While the IT team had existing tools in place to address firewalls and vulnerability scanning, they needed to develop a more well-rounded approach. Masergy’s solution offered the flexibility to add the tools and features they needed, allowing them to complement existing investments--rather than taking a rip-and-replace approach. This helped reduce costs.

3. Implement 24/7 Monitoring, Detection, and Rapid Response

For the client’s IT team, monitoring was not enough. They needed help sifting through the endless event data to identify valid threats as well as responding to them. As a result, they turned to Masergy’s security operations to:

  • Customize an incident response plan using best practices
  • Implement 24/7 security monitoring, incident detection, and response
  • Integrate turnkey threat intelligence
  • Streamline incident management and response processes based on lessons learned

Within two weeks, the monitoring service was fine-tuned, reducing security noise to a manageable and prioritized list of action items for Masergy security professionals to address. The service was integrated with the client’s IT ticketing system, so Masergy acted as a natural extension of their team, following their standard process. Customized security reports also provided security insights formatted in ways that aligned with executive needs.

The Result: Downgraded Risk and Productivity Gains of 50%

With a comprehensive solution including strategic improvements, an ecosystem of tools and best practices, as well as a 24/7 monitoring and response team, the financial services firm made recognizable advancements in their security posture.

The three-step program not only reduced their risk status in the eyes of their insurer, it offloaded approximately 90% of security-related work for their IT team, accounting for productivity gains of more than 50%. As a result, their staff can now focus on the business at hand, driving strategic innovations that help the company compete in today’s digitally competitive financial services market.

Although the risk downgrade wasn’t necessarily the targeted intent of this particular program, it was a much-appreciated benefit of the investment. The insurance company’s green stamp of approval validates this three-step approach and further proves its worthiness.

Perhaps this strategy will work for you too.

Don’t miss the Managed Security Services Provider Survival Guide
Learn more about Virtual CISO services from Masergy
Get the Top Five Cybersecurity Threats to Watch Out for Now

About David Venable

VP, Cybersecurity, Masergy
David Venable, Vice President of Cyber Security at Masergy Communications, has over 15 years experience in information security, with expertise in cryptography, network and application security, vulnerability assessments, penetration testing, and compliance. David is a former intelligence collector with the National Security Agency, with extensive experience in Computer Network Exploitation, Information Operations, and Digital Network Intelligence. He also served as adjunct faculty at the National Cryptologic School.