Cyber Insurance Continuing Education: What Your Insured’s SOC Says About Their Policy-Readiness

Why do insureds outsource their SOC? Do they really need one? What are three questions to ask insureds about their SOC? Read more to find out.

We were delighted to host Nadav Arbel, the CEO and Co-Founder of CYREBRO, in our most recent Cyber Insurance Continuing Education Masterclass: Shoring up Proactive Security Defenses with SOC.  

SOCs monitor and analyze networks, servers, endpoints, databases, applications, and other systems activity 24/7, looking for anomalous activity that could indicate a compromise or security incident. Utilizing a combination of technologies and protocols, the SOC team detects, analyzes, investigates, reports, and responds to cybersecurity incidents. In turn, businesses are capable of defending themselves robustly against incidents and intrusions, regardless of the attack type, time of day, or source.

Why Do Organizations Choose to Outsource their SOC?

Many IT teams today are battling a severe talent shortage – the number of skilled staff with cybersecurity knowledge and expertise has dwindled in recent years, exacerbated somewhat by the fast pace of the cyber industry. In light of the constant threat of cyberattacks and the scarcity of talent to manage them, organizations have invested in multiple technologies to monitor key aspects of their cyber security posture, detect any suspicious activity, and react accordingly 24/7, 365 days a year.

However, this often becomes a siloed security system which can be both costly and difficult for CISOs and their teams to maintain. A consequent lack of visibility of the organization’s network then creates a vicious cycle of increased spending on cyber security and increased difficulty in managing it efficiently. This, in turn, prompts a bigger issue of alert fatigue.

Arbel explained that the high costs associated with running a SOC are a driving factor as to why so many SMBs today opt to outsource their SOC. The technologies, skills, and logistics required to operate a Security Operations Center cost millions of dollars and require constant, costly, and convoluted maintenance.

Do Insureds Really Need a SOC?

“90% of SMBs do not have a SOC”

Arbel reported that murmurs in the cyber insurance sector indicate that businesses may be left with little choice but to have a SOC in the near future. Although having a SOC is not yet a minimum requirement to qualify for every cyber policy, many big players such as AIG have already announced that the implementation of a SOC platform will be a mandatory qualifying requirement by the end of 2022 for their policies. In this case, not having a Security Operations Center will tremendously affect the price of the insurance policy. 

Moreover, in 2023 many insurance companies have stated that they will not provide cyber insurance policies unless the insureds can demonstrate 24/7 monitoring of their network. In particular, SMBs will be expected to prove that they have the capabilities to supervise their organization’s network. 

3 Questions to Ask About SOC

Arbel outlined three questions to help assess the level of security afforded by an insured’s SOC:

  1. Does your Security Operations Center work 24/7?
  2. Does your SOC have incident response capabilities?
  3. Does your SOC use automation orchestration and conduct threat intelligence?

What to Expect from a SOC Platform Today

Arbel then provided insight into the CYREBRO product: a first-of-its-kind managed cloud-based, real-time, and interactive SOC Infrastructure.

He explained that this kind of high-spec, innovative SOC platform integrates an organization’s entire system and data sources into one centralized platform, which increases the control and clarity needed for efficient cybersecurity operations and removes silos. Since the CYREBRO platform consists of a globally shared SOC infrastructure, the burden of setting up and maintaining a traditional SOC is leveled out and shared across the platform users.

The key advantages of a cloud-based SOC platform include:

  • Better visibility across an entire network, enabling more accurate network monitoring and faster detection of suspicious activity
  • Better, real-time reactivity to alerts and warnings 
  • 24/7 control over network security – unlike traditional SOCs which are human-resource heavy, cloud-based SOC platforms can run constantly.

 
