Overview
Prepare, Protect, Respond
Prepare
Protect
Respond
Onboarding call
Bringing in guidance from the start
The AXIS Cyber onboarding call is the first step in elevating the cyber resilience journey. The Cyber Risk Advisory team hosts a one-hour session which includes:
- Review complimentary and discounted resiliency services
- Steps to engage and stay connected
- More about 24/7/365 Incident Commander support in the event of a cyber incident
- Overview of claims process and pre-approved panel vendors
Who is eligible?
Any primary cyber insurance policyholder of AXIS is eligible for a complimentary onboarding call with a member of the AXIS Cyber Risk Advisory team.
Who should attend?
Typical attendees include Chief Information Security Officer (CISO), IT Director, Risk Manager, General Counsel, and others as desired. Customers may choose to include their cyber insurance broker or agent.
How to sign up?
To schedule complimentary onboarding call, please email [email protected]
Cyber Resiliency Services
Elevating business protection
A cyber incident can be devastating for an organization, causing significant business interruption and reputational damage.
AXIS provides primary cyber insurance policyholders a set of complimentary and discounted services from selected experts, to elevate business protection, save on security budgets and find the right expertise to address insureds’ biggest concerns.
To engage in onboarding with the AXIS Cyber Risk Advisory team, email [email protected]
Complimentary services:
Planning session, customized scenario modules, up to a four-hour exercise (remote), written report with recommendations for improvement, and debrief meeting for Q&A.
Two, three-hour-long security assessment sessions with a cyber security professional to review 38 security domains, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting.
Up to one hour of consulting with up to five different security experts. Topics can range from specific control implementation/configuration discussions to higher CISO-level consulting.
A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.
- Breach Counsel Up to one hour of legal advice with any of our four breach counsel law firms to discuss breach/claim process and legal/regulatory considerations
- Crisis Communication Up to one hour of crisis communication consulting with up to two firms, on topics such as internal/external communication/notification issues, potential templates, etc.
- Business Interruption Accounting Up to an hour of advisory/Q&A to understand what information is needed to calculate business interruption reimbursements, ideally setting the right level of expectations.
Up to two hours to review incident response plan, capabilities, scenarios with a meeting to discuss templates, recommendations and best practices.
Two, three-hour-long security assessment sessions with a cyber security professional to review 38 security domains, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting.
Up to one hour of consulting with up to five different security experts. Topics can range from specific control implementation/configuration discussions to higher CISO-level consulting.
A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.
- Breach Counsel Up to one hour of legal advice with any of our four breach counsel law firms to discuss breach/claim process and legal/regulatory considerations
- Crisis Communication Up to one hour of crisis communication consulting with up to two firms, on topics such as internal/external communication/notification issues, potential templates, etc.
- Business Interruption Accounting Up to an hour of advisory/Q&A to understand what information is needed to calculate business interruption reimbursements, ideally setting the right level of expectations.
Discounted services:
Planning session, Incident Response Plan review, tailored scenario developed based on insured company/concerns, up to a four-hour exercise (remote or on-site), written report with recommendations for improvement and debrief meeting for Q&A.
Internal/external technical testing, web app testing, social engineering, wireless/physical testing, ransomware simulation testing, etc. services available.
Unlimited license to distribute and customize training content, presentation, phishing simulations, with reporting and metrics.
Full review of Microsoft 365 security posture using both automated and manual analysis, resulting in formal report with recommendations and meeting to discuss.
Discounted services
Enhanced Multi-Factor Authentication and Just-In-Time Identity Management License
Full license to deploy a leading-edge advanced authentication and just-in-time identity management for better account access and permission management.
Planning session, Incident Response Plan review, tailored scenario developed based on insured company/concerns, up to a four-hour exercise (remote or on-site), written report with recommendations for improvement and debrief meeting for Q&A.
Internal/external technical testing, web app testing, social engineering, wireless/physical testing, ransomware simulation testing, etc. services available.
Unlimited license to distribute and customize training content, presentation, phishing simulations, with reporting and metrics.
Discounted services
Enhanced Multi-Factor Authentication and Just-In-Time Identity Management License
Full review of Microsoft 365 security posture using both automated and manual analysis, resulting in formal report with recommendations and meeting to discuss.
Full license to deploy a leading-edge advanced authentication and just-in-time identity management for better account access and permission management.
This material is provided for informational purposes only and is not an offer to sell, or a solicitation to buy, any particular insurance product or service for a particular insured. It is intended for licensed insurance professionals. The services and service provider discussed in this document are suggested as risk mitigation and incident response resources. Use of AXIS Incident Commander does not constitute advice of any kind, and use of any service provider does not guarantee the performance or quality of the services provided, including the avoidance of loss, the fulfilment of any obligations under any contract or compliance with any law, rule or regulation. AXIS is not responsible for the effectiveness of a cyber risk management program and encourages each policyholder, together with advice from their professional insurance advisor, to perform its own independent evaluation of any service provider as part of its overall risk management strategy.
