Reply to post: Re: Selling insurance against breakins seems insane

Insurance companies now telling you what tech to buy with um-missable price signals

Naselus

Re: Selling insurance against breakins seems insane

Um, most of the things you mention are good reasons why having an outside insurance agent to force you to comply with best practices is a good thing, tbh.

Keeping current on patches? Something we're always complaining ought to be in place, and roundly mock any company which is hacked for failing to do so.

One employee getting phished? Forces you to keep your anti-phishing training and automated email filters up to date and to enforce least privilege properly. If Susie in the call centre can't access anything, her being phished doesn't matter.

IDS having all it's alerts switched off? Not something that ought to be happening either.

Many of these things are areas IT and IS have spent years trying to push companies toward, but companies themselves have failed to see any reason to do so. Having an insurance company demand compliance to provide coverage may actually make C-suite or board members take it a bit more seriously.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019