Top 115 Cyber-Insurance Things You Should Know

What is involved in Cyber-Insurance

Find out what the related areas are that Cyber-Insurance connects with, associates with, correlates with or affects, and which require thought, deliberation, analysis, review and discussion. This unique checklist stands out in a sense that it is not per-se designed to give answers, but to engage the reader and lay out a Cyber-Insurance thinking-frame.

How far is your company on its Cyber-Insurance journey?

Take this short survey to gauge your organization’s progress toward Cyber-Insurance leadership. Learn your strongest and weakest areas, and what you can do now to create a strategy that delivers results.

To address the criteria in this checklist for your organization, extensive selected resources are provided for sources of further research and information.

Start the Checklist

Below you will find a quick checklist designed to help you think about which Cyber-Insurance related domains to cover and 115 essential critical questions to check off in that domain.

The following domains are covered:

Cyber-Insurance, 9/11 attacks, Anti-spam techniques, Antivirus software, Community bank, Computer forensics, Computer virus, Computer worm, Denial of service attacks, Digital cash, Firewall, Hacker, Information security audit, Information technology, Insurance, Intrusion detection system, Online banking, Phishing, Reckitt Benckiser, Risk management, Spamming:

Cyber-Insurance Critical Criteria:

Huddle over Cyber-Insurance visions and customize techniques for implementing Cyber-Insurance controls.

– Can we do Cyber-Insurance without complex (expensive) analysis?

– How to deal with Cyber-Insurance Changes?

– Is the scope of Cyber-Insurance defined?

9/11 attacks Critical Criteria:

Gauge 9/11 attacks tactics and learn.

– Do several people in different organizational units assist with the Cyber-Insurance process?

– Risk factors: what are the characteristics of Cyber-Insurance that make it risky?

– How much does Cyber-Insurance help?

Anti-spam techniques Critical Criteria:

Prioritize Anti-spam techniques issues and research ways can we become the Anti-spam techniques company that would put us out of business.

– How do senior leaders actions reflect a commitment to the organizations Cyber-Insurance values?

– Are we making progress? and are we making progress as Cyber-Insurance leaders?

– Is Cyber-Insurance Realistic, or are you setting yourself up for failure?

Antivirus software Critical Criteria:

Confer over Antivirus software engagements and oversee Antivirus software requirements.

– What are the success criteria that will indicate that Cyber-Insurance objectives have been met and the benefits delivered?

– How do we make it meaningful in connecting Cyber-Insurance with what users do day-to-day?

– What will drive Cyber-Insurance change?

Community bank Critical Criteria:

Test Community bank projects and assess and formulate effective operational and Community bank strategies.

– Think about the people you identified for your Cyber-Insurance project and the project responsibilities you would assign to them. what kind of training do you think they would need to perform these responsibilities effectively?

– What are your results for key measures or indicators of the accomplishment of your Cyber-Insurance strategy and action plans, including building and strengthening core competencies?

Computer forensics Critical Criteria:

Pilot Computer forensics projects and devise Computer forensics key steps.

– How do your measurements capture actionable Cyber-Insurance information for use in exceeding your customers expectations and securing your customers engagement?

– Who will be responsible for documenting the Cyber-Insurance requirements in detail?

– Does Cyber-Insurance analysis isolate the fundamental causes of problems?

– Who needs Computer Forensics?

Computer virus Critical Criteria:

Mine Computer virus outcomes and shift your focus.

– Where do ideas that reach policy makers and planners as proposals for Cyber-Insurance strengthening and reform actually originate?

– Are there Cyber-Insurance problems defined?

Computer worm Critical Criteria:

Chat re Computer worm governance and gather practices for scaling Computer worm.

– Do we aggressively reward and promote the people who have the biggest impact on creating excellent Cyber-Insurance services/products?

– Who will be responsible for making the decisions to include or exclude requested changes once Cyber-Insurance is underway?

– What knowledge, skills and characteristics mark a good Cyber-Insurance project manager?

Denial of service attacks Critical Criteria:

Administer Denial of service attacks tasks and interpret which customers can’t participate in Denial of service attacks because they lack skills.

– An administrator is concerned about denial of service attacks on their virtual machines (vms). what is an effective method to reduce the risk of this type of attack?

– Why is it important to have senior management support for a Cyber-Insurance project?

– What ability does the provider have to deal with denial of service attacks?

– How do we Identify specific Cyber-Insurance investment and emerging trends?

– Are assumptions made in Cyber-Insurance stated explicitly?

Digital cash Critical Criteria:

Unify Digital cash tactics and find out.

– Consider your own Cyber-Insurance project. what types of organizational problems do you think might be causing or affecting your problem, based on the work done so far?

– what is the best design framework for Cyber-Insurance organization now that, in a post industrial-age if the top-down, command and control model is no longer relevant?

– What vendors make products that address the Cyber-Insurance needs?

Firewall Critical Criteria:

Nurse Firewall goals and look in other fields.

– If the firewall runs on an individual host for which all users are not trusted system administrators, how vulnerable is it to tampering by a user logged into the operating system running on the protected hosts?

– Are all router, switches, wireless access points, and firewall configurations secured and do they conform to documented security standards?

– For your Cyber-Insurance project, identify and describe the business environment. is there more than one layer to the business environment?

– Is payment card account information stored in a database located on the internal network (not the dmz) and protected by a firewall?

– Does each mobile computer with direct connectivity to the internet have a personal firewall and anti-virus software installed?

– Are the firewall, router, wireless access points, and authentication server logs regularly reviewed for unauthorized traffic?

– Are web servers located on a publicly reachable network segment separated from the internal network by a firewall (dmz)?

– If wireless technology is used, do perimeter firewalls exist between wireless networks and the payment card environment?

– Is firewall technology used to prevent unauthorized access to and from internal networks and external networks?

– Is a firewall used to protect the network and limit traffic to that which is required to conduct business?

– Does the providers firewall control IPv6 access, or protect against both IPv4 and IPv6 attacks?

– How does the firewall quality affect the likelihood of a security breach or the expected loss?

– How vulnerable is the firewall to attacks via the network against the firewall itself?

– How does the firewall quality affect the likelihood of a security breach or the expected loss?

– How do we maintaining integrity between communication ports and firewalls?

– Do changes to the firewall need authorization and are the changes logged?

– Can the firewall support hot-standby/failover/clustering?

– Is there router and firewall encryption?

– How do you justify a new firewall?

– How many Firewalls do you have?

Hacker Critical Criteria:

Reason over Hacker tactics and tour deciding if Hacker progress is made.

– How can you negotiate Cyber-Insurance successfully with a stubborn boss, an irate client, or a deceitful coworker?

– What are internal and external Cyber-Insurance relations?

– Are the hackers waiting for me in the cloud?

– Should you hire a hacker?

Information security audit Critical Criteria:

Examine Information security audit goals and observe effective Information security audit.

– What potential environmental factors impact the Cyber-Insurance effort?

– What are all of our Cyber-Insurance domains and what do they do?

– What are the barriers to increased Cyber-Insurance production?

Information technology Critical Criteria:

Concentrate on Information technology quality and don’t overlook the obvious.

– Does your company have defined information technology risk performance metrics that are monitored and reported to management on a regular basis?

– Do the response plans address damage assessment, site restoration, payroll, Human Resources, information technology, and administrative support?

– If a survey was done with asking organizations; Is there a line between your information technology department and your information security department?

– How do we ensure that implementations of Cyber-Insurance products are done in a way that ensures safety?

– How does new information technology come to be applied and diffused among firms?

– How will we insure seamless interoperability of Cyber-Insurance moving forward?

– The difference between data/information and information technology (it)?

– When do you ask for help from Information Technology (IT)?

Insurance Critical Criteria:

X-ray Insurance failures and find out.

– If the liability portion of a Cybersecurity insurance policy is a claims-made policy, is an extended reporting endorsement (tail coverage) offered?

– What is your insurance agent telling you about your policy and what will be covered and what wont be covered?

– Do you require that sub contractors submit proof of insurance separate from the primary?

– Who is the main stakeholder, with ultimate responsibility for driving Cyber-Insurance forward?

– Do you require sub-contractors to carry E&O insurance?

– Do you need any special (e.g., flood) insurance now?

– Insurance covering equipment replacement needs?

– Is Cybersecurity Insurance coverage a must?

– How do we Lead with Cyber-Insurance in Mind?

– Insurance coverage?

Intrusion detection system Critical Criteria:

Deliberate Intrusion detection system issues and describe which business rules are needed as Intrusion detection system interface.

– What are your key performance measures or indicators and in-process measures for the control and improvement of your Cyber-Insurance processes?

– Can intrusion detection systems be configured to ignore activity that is generated by authorized scanner operation?

– How likely is the current Cyber-Insurance plan to come in on schedule or on budget?

– What is a limitation of a server-based intrusion detection system (ids)?

– What are the Key enablers to make this Cyber-Insurance move?

Online banking Critical Criteria:

Examine Online banking governance and devote time assessing Online banking and its risk.

– To what extent does management recognize Cyber-Insurance as a tool to increase the results?

– Why are Cyber-Insurance skills important?

Phishing Critical Criteria:

Reorganize Phishing risks and arbitrate Phishing techniques that enhance teamwork and productivity.

– Does your company provide resources to improve end-user awareness of phishing, malware, indicators of compromise, and procedures in the event of a potential breach?

– How to Handle Email Spoofing / Phishing?

– Are there Cyber-Insurance Models?

Reckitt Benckiser Critical Criteria:

Survey Reckitt Benckiser projects and adopt an insight outlook.

– Record-keeping requirements flow from the records needed as inputs, outputs, controls and for transformation of a Cyber-Insurance process. ask yourself: are the records needed as inputs to the Cyber-Insurance process available?

– What is our Cyber-Insurance Strategy?

Risk management Critical Criteria:

Trace Risk management risks and explore and align the progress in Risk management.

– Does your organization include risk management processes in policy decisions, such as implementation of a new specification, design requirement, or other related elements?

– Does your Cybersecurity plan contain both cyber and physical security components, or does your physical security plan identify critical cyber assets?

– Are interdependent service providers (for example, fuel suppliers, telecommunications providers, meter data processors) included in risk assessments?

– To what extent is Cybersecurity risk incorporated into organizations overarching enterprise Risk Management?

– What core IT system are you using?  Does it have an ERM or risk assessment module; and if so, have you used it?

– Does your organization have a company-wide policy regarding best practices for cyber?

– Whos in charge of inactivating user names and passwords as personnel changes occur?

– What further options might be available for responding to the risks?

– Does this make a reasonable demand on a users capabilities?

– Are executives and legislators sufficiently informed of risk?

– Have reporting expectations been established for entities?

– What is the prime directive of Risk Management?

– Have you had a pci compliance assessment done?

– What is the system-availability requirement?

– Will the rule interfere with others?

– How do you report cyberattacks?

– Who has the authority to manage risk?

– How many different rules are there?

– Who is at risk?

Spamming Critical Criteria:

Conceptualize Spamming goals and plan concise Spamming education.

– Will Cyber-Insurance have an impact on current business continuity, disaster recovery processes and/or infrastructure?

– Which individuals, teams or departments will be involved in Cyber-Insurance?

Conclusion:

This quick readiness checklist is a selected resource to help you move forward. Learn more about how to achieve comprehensive insights with the Cyber-Insurance Self Assessment:

store.theartofservice.com/Cyber-Insurance-The-Cookbook/

Author: Gerard Blokdijk

CEO at The Art of Service | theartofservice.com

gerard.blokdijk@theartofservice.com

www.linkedin.com/in/gerardblokdijk

Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.

External links:

To address the criteria in this checklist, these selected resources are provided for sources of further research and information:

9/11 attacks External links:

Remains of firefighter killed in 9/11 attacks identified – CNN
www.cnn.com/2013/07/05/us/new-york-9-11-remains/index.html

9/11 Attacks – Facts & Summary – HISTORY.com
www.history.com/topics/9-11-attacks

Teaching my child about the 9/11 attacks – CNN
www.cnn.com/2012/09/11/living/talk-to-child-about-9-11/index.html

Antivirus software External links:

Spybot – Search & Destroy Anti-malware & Antivirus Software
www.safer-networking.org

Antivirus Software, Internet Security, Spyware and …
home.mcafee.com

Consumer antivirus software providers for Windows
support.microsoft.com/en-us/help/18900

Community bank External links:

Community Bank, N.A. – Official Site
www.communitybankna.com

Desert Community Bank – Official Site
www.dcbk.org

Home | Summit Community Bank
www.mysummit.com

Computer forensics External links:

Forensic Control – Computer Forensics & Cyber Security …
forensiccontrol.com

LARA – Department Policy on Certificated Computer Forensics
www.michigan.gov › … › Regulated/Licensed Professions

Computer Forensics Flashcards | Quizlet
quizlet.com/12459315/computer-forensics-flash-cards

Computer virus External links:

Title: Computer Virus – Internet Speculative Fiction Database
www.isfdb.org/cgi-bin/title.cgi?91962

[PPT]Computer Virus – University of Nebraska–Lincoln
cse.unl.edu/~ylu/csce855/notes/Viruses.ppt

The Computer Virus (2004) – IMDb
www.imdb.com/title/tt1433204

Computer worm External links:

[PDF]Computer Worms – School of Computing
www.cs.clemson.edu/course/cpsc420/material/Malware/Worms.pdf

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers.[1] Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.
Reference: en.wikipedia.org/wiki/Worm_(software)

Computer worm Facts for Kids | KidzSearch.com
wiki.kidzsearch.com/wiki/Computer_worm

Denial of service attacks External links:

[PPT]Denial of Service Attacks – Columbia University
www.cs.columbia.edu/~smb/talks/ddos/ddos.PPT

Denial of Service Attacks – BCP38
www.bcp38.info/index.php/Denial_of_Service_Attacks

[1712.07816] Acoustic Denial of Service Attacks on HDDs
arxiv.org/abs/1712.07816

Digital cash External links:

Dash is Digital Cash – reddit
www.reddit.com/r/dashpay

Business In The Age Of Digital Cash – Nasdaq.com
www.nasdaq.com/article/business-in-the-age-of-digital-cash-cm840965

Dash – Digital Cash – YouTube
www.youtube.com/channel/UCAzD2v9Yx4a4iS2_-unODkA

Firewall External links:

Business Firewall Support Site
mss.brighthouse.com

Appraisal Firewall
www.appraisalfirewall.com

GlassWire – Personal Firewall & Network Monitor
www.glasswire.com

Hacker External links:

The Hacker – Free Online Puzzle Games from AddictingGames
www.addictinggames.com/puzzle-games/the-hacker-game.jsp

Hacker News – Official Site
news.ycombinator.com

Information security audit External links:

ISO 27002 Information Security Audit Questionnaire
www.praxiom.com/iso-17799-audit.htm

Information Security Auditor Jobs, Employment | Indeed.com
www.indeed.com/q-Information-Security-Auditor-jobs.html

Information technology External links:

OHIO: Office of Information Technology |About Email
www.ohio.edu/oit/email

Rebelmail | UNLV Office of Information Technology (OIT)
rebelmail.unlv.edu

Umail | University Information Technology Services
umail.iu.edu

Intrusion detection system External links:

[1002.4047] Intrusion Detection System: Overview
arxiv.org/abs/1002.4047

[PDF]Intrusion Detection System Sensor Protection Profile
www.commoncriteriaportal.org/files/ppfiles/PP_IDS_SEN_V1.2.pdf

Online banking External links:

Online Banking | Members 1st Federal Credit Union
myonline.members1st.org

TD Bank Online Banking
onlinebanking.tdbank.com

New York Community Bank | Online Banking | Sign In | User ID
onlinebanking.mynycb.com

Phishing External links:

Report Phishing | Internal Revenue Service
www.irs.gov/privacy-disclosure/report-phishing

Gophish – Open Source Phishing Framework
getgophish.com

Phishing Scams | Navy Federal Credit Union
www.navyfederal.org/security/phishing-scams.php

Reckitt Benckiser External links:

McCormick to buy Reckitt Benckiser food unit – MarketWatch
www.marketwatch.com › Industries › Food/Beverages/Tobacco

McCormick buys Reckitt Benckiser’s food unit – MarketWatch
www.marketwatch.com › Industries › Food/Beverages/Tobacco

RBGPF Latest – Reckitt Benckiser Group Plc. | Seeking Alpha
seekingalpha.com/symbol/RBGPF

Risk management External links:

Risk Management Job Titles | Enlighten Jobs
www.enlightenjobs.com/risk-management-job-titles.php

20 Best Title:(risk Management Manager) jobs (Hiring …
www.simplyhired.com/search?q=title:(risk+management+manager)

Risk Management – ue.org
www.ue.org/risk-management