As we discussed in a previous article, your policy includes an automated Coalition cyber risk assessment (CRA). In this article, we’ll discuss how to read your CRA.


The first thing you’ll notice on the overview page is your ranking. This is a “percentile” rating showing how your organization stacks up against all other Coalition policyholders and applicants.

The important thing to notice is that this is a sliding scale based on a percentile. In the above example, the insured is in the 60th percentile, indicating that their scans are better than 60% of all other policyholders and applicants. This does not indicate that the policyholder is only 60% secure. As Coalition policyholders get more secure over time, the “average” (50th percentile) will change as well.

Vulnerability Overview

The next section is an overview of the findings you’ll see in the CRA. Pay special attention to this section, as you’ll want to eventually address all the critical and high vulnerabilities found.

Special Note on Shared Hosting 

Shared hosting environments, such as websites hosted on GoDaddy, DreamHost, and similar services, will often report vulnerabilities. We recommend contacting your provider to ask about these vulnerabilities, as this is not something you can usually fix yourself. See our article on Choosing the Right Hosting Provider for your Business to ensure you're making the right hosting decisions.

Security Punchlist

The Security Punchlist is a list of recommendations made for your organization based on the technologies, services, and vulnerabilities present in your organization. The example below is based on specific findings in a client’s infrastructure.

Exposed Employee Information

Coalition's signals intelligence platform collects information from past data breaches, hacker forums, and other dark web sources to determine whether an organization's data, including employee login credentials and other sensitive information, has been compromised in third party data breaches.

It’s important to note that the findings in this section are not indicative of a breach in the client’s environment. Rather, the email addresses listed in this section were held by a 3rd party website and were lost or stolen.

We recommend using this section primarily for user awareness. We also recommend the use of Multi-Factor Authentication as well as implementing forced password changes (multiple times a year) and requiring complex passwords.


The recommendations section provides general security recommendations for you to be aware of. This includes items of concern that we see across all policyholders and that are not specific to your environment.

Discovered Proactive Measures

The CRA also shows some of the good things we found during our scans. This data is part of our detection processes that we expose to our insureds to see what positive decisions have been made in the past.


At the end of the report you’ll find additional technical data geared towards IT professionals to help them understand and correct the issues found in the CRA. The included appendices are variable, but often include:

  • Domains and Subdomains Detected

  • Devices Detected

  • Applications Detected

  • 3rd Party Services Detected

  • Detailed Vulnerability Analysis

The CRA is provided to help our insureds proactively improve their security. The details in the CRA report are updated over time as we improve and add to our analysis processes.

For more information on this topic please reach out to us; we’re here to help!
