Cyber Insurance, and what is your response plan?

  • In the course of my work, I've been thinking about cyber insurance, but while I was mulling it over I realized that I would not have the faintest idea how to tell if I was hacked in the first place!

    What software & hardware refinements can be brought to bear to harden your network? I am an army of 1. I keep busy working with people who book business that happens to need some kind of data wrangling, cleaning, etc., and it happens that I can do it more efficiently than they, so I'm kind of a consultants' sub-contractor, if you can follow that lineage 😛

    So I don't have a zillion bucks to burn, but would love to know what can I do to protect myself better than I am?

    1) What is the best way to protect yourself from hacking? If we divide the work into software and hardware, you must have antivirus software & firewall, but must you also use a proxy server and/or something else to harden your access?

    2) For hardware, are there topological refinements to harden what the immediate world has: a wireless router cabled to a modem wired to an ISP? Even if the wireless segment is encrypted, is it more secure to just cable from your cpu to your modem?

    3) How would you know you were hacked anyway? How do you identify, trap, log, or detect an intrusion?

    Thank you for your illumination.

  • Waiver - at the present time I happen to work for an org that sells Cyber liability insurance. In my previous work I did a lot of similar items to what you talk about, so I am describing what I used to do to help secure things.

    1. As an individual there isn't a lot you can do to protect yourself from being hacked. Follow all of the typical do's and don'ts (encrypt the wireless, don't broadcast if you can avoid it, use wired over wireless, find a good router with a good rating on their security and change away from the factory settings), but otherwise not a huge amount. You could choose to log everything, but again unless you invest a LOT in expensive routers, you won't have any IDS worth bothering with.

    2. If you have a wireless network for the house - consider having ANOTHER wired only router to connect your work machine to the rest of the assets. The modem itself usually provides NO security, so no I would definitely not just wire my PC into it (not even my home machine).

    3. Physical security tends to provide the easiest gains. I quickly got to a point where I never stored customer content on my hard drives. These days with USB drives being cheap and with ample storage, set up a separate USB drive for each customer, and plug it in only when you need to work on it. Encrypt any customer data at rest whether you think it's important or not. I also used removable drives for any temp files needed. If you have a separate "work" machine - use wired only, and if you can manage it - unplug it when you're done. Lock them up somewhere safe.

    4. Work out with the customer what the most secure way might be to send data back and forth. Unencrypted e-mail is just an invitation for a loss, and shouldn't be accepted period. Find whatever works for both of you and then stick to it (put it in writing as well).

    ----------------------------------------------------------------------------------
    Your lack of planning does not constitute an emergency on my part...unless you're my manager...or a director and above...or a really loud-spoken end-user..All right - what was my emergency again?

  • Lots of good ideas, thanks very much for your advice.
