Cyber Insurers jostle for pole position in exploding market

Reduced risk equals reduced premiums or other incentives.

Reduced risk requires continuous visibility and monitoring and assessment.

The Black Box vehicle insurance model provides a framework for understanding how information transmitted to a ” data centre ” about the way a young person drives a car will result in that person receiving a reduced premium or other incentives .. or not.

If business owners run their businesses in a way that ensures practical protection against the most common cyber attacks then they will equally be rewarded.

This model already exists in a simple way. Right now if you go to certain Cyber Insurance companies and you have the Cyber Essentials certification you will get incentives for this.

However Cyber Essentials is like your MOT – it is an annual event and a lot can happen within the year. Your systems can be altered so that ” holes ” appear for example.

It is likely that Cyber Essentials will recommend and Cyber Insurers will insist upon continuous monitoring against the Cyber Essentials ( or equivalent in other countries ) standard.

Exactly like the vehicle black box requirements.

Exactly how this ” Black Box for Businesses ” that we have will be utilised and what incentives will be provided has yet to be determined.

For certain many cyber insurers want to provide the best solution at the best price. They want to either remain or become the premier provider of cyber insurance globally.

If you speak to cyber insurance brokers about who is the best underwriter in the space at the moment it comes down to the clients specific requirements and the wording in the cyber insurance terms and conditions and the coverage of certain risks.

Download Report on Cyber Insurance market here >> https://www.alliedmarketresearch.com/cyber-insurance-market

If you would like an online demonstration of the LuJam Cyber solution please contact chris@lujam.com or call +44 (0)117 373 6186 and ask for Chris ref. online demo.

Being Cyber Secure is important but so is….

being in Control of your business….

and being in control means that you have the right business information at your finger tips displayed in a simple and meaningful way…

That might mean that it is integrated into your Business Information applications. Part of an overall Business Information dashboard.

To get the information you need to ..

Detect ..

the presence of all devices that are using your networks. Not just PC’s, laptops, ipads and mobiles but ALL IoT devices … alarms, cctv, voice activated devices,manufacturing controls etc etc

Company issued devices and Bring your own Device ( BYOD ) .. those network using devices that staff and visitors bring into your business premises.

It is nearly always a surprise to our clients how many devices are actually in use in their premises.

When you have detected them you have VISIBILITY of the hardware aspect and then you need to

Monitor ..

Who and what and where and when and why are these devices talking to ?

On your premises or off your premises ?

What is the typical pattern of communications ?

( A useful facility built into LuJam is that of monitoring your Internet Connection – when is it up or down ?? )

We establish ” normal behaviour ” and we are increasingly able to detect and highlight abnormal behaviour ( eg the salesperson that hates using the CRM application but is suddenly on it for 48 hours straight … is he leaving ? )

We also find that people are using applications and visiting websites that they shouldn’t be. ( Bad websites are simply black listed and blocked – but can be white listed )

Now you have VISIBILITY of how devices and applications are being used on your network and a

Digital Asset Register..

and you have an understanding of communications and applications usage patterns

NOW you are really getting in control !!

Now COMPLIANCE with the policies and directives that you issued as a Director of the Business with Fiduciary Duties in an effort to comply with eg GDPR Regulations – can be verified.

( N.B. Typically a companies board has to think about many aspects with regard to cybersecurity:

Regulation: Are regulatory requirements being met?

Fiduciary duty: Is the company acting appropriately with regard to cybersecurity for our stakeholders ( customers and shareholders ) ?

Company liability: How does a failure to perform effectively in cybersecurity affect overall business performance?

Personal liability: If I am the CISO and we underperform in cybersecurity, might that affect my position? )

Now your Cyber Insurer can assess the

RISK

in your business.

Your Cyber Security responsible person or company can easily help you get certified to Government standards ( Cyber Essentials, CE Plus, ISO 27001 ) but this will not just be an annual assessment it is a 365,24-7 compliance with those standards.

With a

Risk Assessment and Cyber Essentials certification your Cyber Insurer will balance Risk against Premium and be inclined to reward you for your efforts.

So you are cyber secure, you are in control, you are compliant, your policies are actually being adhered to you saved the business money on cyber insurance and GDPR risks and we like to say..

Peace of Mind has arrived.

N.B. We develop LuJam Cyber guided by GCHQ, NCSC, IASME and our partners and clients. If there is something you would like to see us doing please let us know.

If you would like an online demonstration of the LuJam Cyber solution please contact chris@lujam.com or call +44 (0)117 373 6186 and ask for Chris ref. online demo.

Macnamara ICT and LuJam Cyber partner for Continuous Cyber Monitoring

30 June 2019

Macnamara and LuJam

Macnamara has been involved with Cyber Essentials since the start, first becoming a certification body in April 2015, a few months after the scheme launched. We see the Cyber Essentials approach as a fantastic way for small businesses to achieve greatly improved security within their limited time and resource budgets. This is true whether they go for certification or not: we always advise that they do, after all they have done the work and might as well have the recognition to go with it.

One weakness though that we have been conscious of with Cyber Essentials is the risk of a false sense of security. In our experience, small businesses often approach the initial readiness process with great enthusiasm – especially if they are going for certification. The problem is that certification at both the self and externally assessed levels only covers a specific point in time. It can be hard to maintain the enthusiasm to make sure controls are kept in place once the certification buzz has passed. We have found that pressing immediate needs of the moment often lead to people overriding or even removing controls altogether.

We were very excited therefore when we came across the Lujam’s continuous monitoring approach. There are, of course, plenty of monitoring tools around but most are beyond the technical skills or budgets of our small business clientele. And, like all MSPs, we have our own suite of monitoring tools. But these are focussed on system support and maintenance rather than security. The LuJam sensor and service perfectly plugs the gap, giving us an affordable approach to monitoring client environments specifically around the five Cyber Essentials security controls.

It is easy for us to build LuJam into our service for existing clients as in most cases they are already paying for a variety of tools we use to protect them – several of which we can replace with LuJam. And, for new clients, LuJam provides us with a means of creating a big impression quickly.

For those clients to whom we have explained the benefits we have encountered precisely zero resistance – especially as we are able to onboard them at very low cost. In our first month as a Lujam partner we have found homes for the LuJam sensor in financial management, manufacturing and a counselling practice.

One particularly interesting (for us) use case is in a factory where we have VLAN’d the industrial control systems apart from the office network with some monitoring traffic passing from the control system network to the main office network and a limited requirement for external support companies to access the control systems. As we have no computers (in the traditional sense) on the control system network we were stumped for a cost-effective way of monitoring this network, LuJam provides a perfect mechanism for doing so. We know precisely what traffic should be on that network and we can use LuJam to quickly alert us to anything unusual.

LuJam also provided the answer to another conundrum. A client had sublet part of their office building but wanted to be able to keep a light touch eye on traffic in and out of the sublet network in the sense of wanting to know how much bandwidth was being consumed and making sure that nothing questionable was happening on their publicly identifiable IP address. LuJam allows to implement some very light tough and non-intrusive monitoring to satisfy this requirement.

If you would like an online demonstration of the LuJam Cyber solution please contact chris@lujam.com or call +44 (0)117 373 6186 and ask for Chris ref. online demo.

Demo Day – The Final of The NCSC Cyber Accelerator

NCSC Cyber Accelerator third cohort.

In the Great Room of the Royal Society of Arts, London, overlooked by Viscount Folkestone, First President of the Society of arts, painted by Gainsborough, representatives of the Government and Security bodies listened to 7 start-ups (including LuJam), their introducers and key speakers talk about their solutions for helping protect this nation and in many cases all nations.

This was the final presentation of the year and the speakers included the Secretary of State for Digital, Culture, Media and Sport, the Right Honorable Jeremy Wright, Baroness Neville-Jones (former Chairman of the Joint Intelligence Committee) and Chris Ensor, Deputy Director for Cyber Skills and Growth, National Cyber Security Centre.

Our CEO Tim Moran outlined how we stopped 95% of cyber-attacks in just 7 days utilising the 5 Controls of the NCSC’s Cyber Essentials program and then provided continuous monitoring and risk checking.

Our CEO (Tim Moran) explaining how LuJam’s solution delivers effective Cyber Security in 7 days.

Our SMB market alone was a global $20 Billion opportunity and 50% of all SMB’s were now supported by Managed Service Providers (as well as IT Services companies, Telco’s and Internet Service Providers). 

Tim showed our impressive list of Telcos/Distributors/ODM’s and MSP’s as well as those mentors like GCHQ and Tech Nation we were working with.

Our predicted exponential growth comes from a basic formula of MSP’s times clients and prospects times multiple locations and networks.

However he also explained that we are barely scratching the surface as huge opportunities in addition to SMB include Remote Workers (to enterprises), cyber insurers and supply chains ie the Enterprise related market and the Home Office/Wealth Management sector.

Also, yet to be analysed is the global shipping market.

Baroness Neville-Jones Keynote theme was that simple, direct effective cyber security was required and Tim and I spent some time discussing this with her.

Rt Hon. Baroness Neville-Jones DCMG: “If you make security complex, it’s much less likely to be effective. Make it simple, make it direct and you will raise the level of performance.”

Many Potential Investors surrounded Tim after his talk which was great to see.

We explained to one that although at the moment we were spending quite a lot of time bringing each Telco/MSP onboard right now (and listening to their detailed needs and requirements) using digital sales techniques we were streamlining and speeding up the onboarding process very quickly.

If you would like an online demonstration of the LuJam Cyber solution please contact chris@lujam.com or call +44 (0)117 373 6186 and ask for Chris ref. online demo.