CFC Response App: More about proactive threat intel

The first in our series of posts detailing the inner workings of CFC’s new mobile app, find out how our proactive threat intel gives small businesses unparalleled access to information they’d otherwise have to pay thousands for.

Cyber Article 1 min Tue, Nov 17, 2020

With cyber insurance claims on the rise, our Response mobile app looks beyond policy coverage alone to ensure businesses are better protected before crisis strikes. One major component of this is our proactive threat intel feature which alerts app users of critical vulnerabilities specific to their business in the form of urgent notifications sent directly to their phone.

But where does this information come from? We gather it from a number of different sources: 

  1. Commercial open sources

    This is threat intel that anyone can access just by going to a website. These services, such as Have I Been Pwned or MX Toolbox, are free, but most small businesses either don’t know they exist or don’t know how the information they provide can be beneficial. CFC, however, does the heavy lifting by consolidating the information and feeding it back to clients in a more structured format through the app, explaining why it’s important and what clients can do to mitigate specific threats.

  2. Paid for subscriptions

    The second way we gather intel is through paid for services. CFC pays significant amounts of money to be able to give all of our small business clients the services most large corporate enterprises deploy to monitor their systems – all free with the policy.  And for businesses who may not have the budgets to spend on these services, this is revolutionary way to grow their cyber maturity, allowing them to actively conduct vulnerability scanning on all their external assets.  A really good example of a ‘paid for’ subscription model would be full access to BitSight reports, which would typically cost thousands to small businesses. CFC uses Bitsight intel to proactively monitor clients and deliver targeted alerts via the app, all free of charge.  

  3. Proprietary intel including human intelligence and claims data

    Lastly, our most valuable asset and something that’s unique to CFC is our proprietary claims intel. Over the last 20 years, we’ve built a database of over 50,000 cyber policyholders in over 60 countries. Today, our internal incident response team oversees upwards of 50 cyber claims a week, which enables them to quickly spot trends in real time.

    Last year, for example, our team noticed that hackers were targeting schools through business email compromise scams. Hijacking these accounts, the fraudsters then sent emails to parents, asking them to pay fees early – albeit to fraudulent bank accounts – in order to get a discount. Seeing multiple schools targeted with this scam, we were able to notify all our clients in the education sector.

The proactive threat intel feature of CFC’s Cyber Incident Response app combines enterprise-grade tools that can cost individual companies thousands of dollars, simplified and actionable publicly-available data, and real-time cyber claims information to give SME clients unparalleled insight into their cybersecurity vulnerabilities. Ensure your clients are downloading the app to take advantage of this valuable policy feature.

To learn more about the app, visit this webpage, and stay tuned for more blog posts exploring, in-depth, features of the app.

For more information about our cyber product, check out our cyber product page or you can get in touch via cyber@cfc.com.