How do you handle antivirus alerts

That depends on the policy behind antivirus incidence.

Should be alert be for a legitimate file, it can be white listed.

Upon the incident being positive and a malicious file being in the system, it needs to be quarantined and delete it.

After the quarantine the source of the file needs to be checked in order to determine where it came from and where the vulnerability is in order to prevent future incidents.

Overtime these anti-virus alerts can be fine-tuned so that’s the frequency of alerts can be reduced.

Cyber insurance versus insurance companies

Getting cyber insurance cover is easy.

Getting cyber insurance coverage that is adequate and up to speed to current threats: totally different story.

Currently, very conservative and traditional insurance companies are trying to deliver top-of-the-line products; mostly to customers who don’t need them.

So what’s up with that?

While ago, I tried to sign an e-commerce business with an insurance company that appeared to be very advanced in signing cyber insurance contracts.

During the negotiations however, it turns out that they generally ruled out e-commerce businesses.

The main argument was that an e-commerce business could fall victim to a denial of service attack.

My counter argument was that any conventional business could burn down, and still they wrote insurance policies for the buildings of this client.

I went on to argue that denial of service attack’s are easily mitigated through various means; the most important one of which is a content distribution network.

Still, the insurance company wouldn’t budge.

Having close connections inside the insurance company I went ahead and looked at their exclusion list. And it was terrifying!

I ended up working with them to reduce the general exclusions, and softened up some of their strict policies towards certain types of businesses. And now, they are doing tremendously well and signing up risks, which are manageable.