Is your cybersecurity insurance underwriter hinting you should have SOC?
When it comes to cybersecurity for your organization, having a 24x7 Security Operation Center (SOC) may not be viable or contracting managed SOC may be out of your budget. This leaves most businesses on their own to handle their cybersecurity as best as possible. It is becoming a widespread practice for an organization to do business with another organization to carry Cybersecurity Insurance. To get the best rates when placing Cybersecurity Insurance; the insurance company underwriter will be looking for some information from the IT department as noted below.
- Written information security plan
-A inventory of your core assets
-Security Aware Workforce
-IRP Incident response plan
-Log Monitoring to prevent a breach.
When was the last time you did a security gap analysis audit?
Do you have a Playbook for cybersecurity prevention and response?