Overview
Prepare, Protect, Respond
Prepare
Protect
Respond
Onboarding call
Bringing in guidance from the start
The AXIS Cyber onboarding call is the first step in elevating the cyber resilience journey. The Cyber Risk Advisory team hosts a one-hour session which includes:
- Review complimentary and discounted resiliency services
- Steps to engage and stay connected
- More about 24/7/365 Incident Commander support in the event of a cyber incident
- Overview of claims process and pre-approved panel vendors
Who is eligible?
Any primary cyber insurance policyholder of AXIS is eligible for a complimentary onboarding call with a member of the AXIS Cyber Risk Advisory team.
Who should attend?
Typical attendees include Chief Information Security Officer (CISO), IT Director, Risk Manager, General Counsel, and others as desired. Customers may choose to include their cyber insurance broker or agent.
How to sign up?
To schedule complimentary onboarding call, please email [email protected]
Cyber Resiliency Services
Elevating business protection
A cyber incident can be devastating for an organization, causing significant business interruption and reputational damage.
AXIS provides primary cyber insurance policyholders a set of complimentary and discounted services from selected experts, to elevate business protection, save on security budgets and find the right expertise to address insureds’ biggest concerns.
To engage in onboarding with the AXIS Cyber Risk Advisory team, email [email protected]
Complimentary services:
One-hour consultative session with AXIS preferred provider panel members, including:
- Breach/Privacy Attorney
- Business Interruption Accounting
- Crisis Communications
A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.
Up to two hours focused on incident response planning, capabilities, and scenarios with a meeting to discuss templates, recommendations, and best practices.
A multi-hour assessment of business risk as it relates to 38 of the top NIST (National Institute of Standards and Technology) controls, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting with a cyber security professional.
One-hour consultative session with a cyber security expert for tailored guidance. Topics often include specific control implementation/configuration discussions, best practices, and security budget prioritization.
Discovery questionnaire and debrief session to review one primary domain for Microsoft 365, with a best practice review session by a cyber security professional and summary of key recommendations.
Risk assessment to discover gaps in multifactor authentication (MFA), service accounts, and privileged access protection. Receive risk assessment report and identity incident response playbook.
Engage a data privacy expert from a third-party firm for a 30-minute session to review current and emerging regulatory landscape relating to AI that may impact your organization.
One-hour consultative session with AXIS preferred provider panel members, including:
- Breach/Privacy Attorney
- Business Interruption Accounting
- Crisis Communications
A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.
Up to two hours focused on incident response planning, capabilities, and scenarios with a meeting to discuss templates, recommendations, and best practices.
A multi-hour assessment of business risk as it relates to 38 of the top NIST (National Institute of Standards and Technology) controls, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting with a cyber security professional.
One-hour consultative session with a cyber security expert for tailored guidance. Topics often include specific control implementation/configuration discussions, best practices, and security budget prioritization.
Discovery questionnaire and debrief session to review one primary domain for Microsoft 365, with a best practice review session by a cyber security professional and summary of key recommendations.
Risk assessment to discover gaps in multifactor authentication (MFA), service accounts, and privileged access protection. Receive risk assessment report and identity incident response playbook.
Engage a data privacy expert from a third-party firm for a 30-minute session to review current and emerging regulatory landscape relating to AI that may impact your organization.
Discounted services:
Work with one of several expert facilitators to conduct planning sessions, select relevant scenario modules, conduct an executive-level exercise (up to four-hour remote session), receive a written report with recommendations for improvements, and debrief meeting for Q&A. Enhanced tabletop experience is also available.
Engage with a data privacy expert from a third-party firm to develop a pragmatic roadmap with tailored guidance to mitigate legal and regulatory compliance risks associated with the organization’s current and planned uses of AI solutions.
Implement one of several programs to customize and distribute end-user training content, including phishing simulations, with reporting and metrics.
Work with a qualified team to conduct internal/external technical testing, web app testing, social engineering, wireless/physical testing, and/or ransomware simulation testing.
An in-depth review of threat detection configurations, policies and rules, integrations with other security tools, and enhancement recommendations. Available for any endpoint protection tool, up to 1000 endpoints.
Work with one of several expert facilitators to conduct planning sessions, select relevant scenario modules, conduct an executive-level exercise (up to four-hour remote session), receive a written report with recommendations for improvements, and debrief meeting for Q&A. Enhanced tabletop experience is also available.
Engage with a data privacy expert from a third-party firm to develop a pragmatic roadmap with tailored guidance to mitigate legal and regulatory compliance risks associated with the organization’s current and planned uses of AI solutions.
Implement one of several programs to customize and distribute end-user training content, including phishing simulations, with reporting and metrics.
Work with a qualified team to conduct internal/external technical testing, web app testing, social engineering, wireless/physical testing, and/or ransomware simulation testing.
An in-depth review of threat detection configurations, policies and rules, integrations with other security tools, and enhancement recommendations. Available for any endpoint protection tool, up to 1000 endpoints.
This material is provided for informational purposes only and is not an offer to sell, or a solicitation to buy, any particular insurance product or service for a particular insured. It is intended for licensed insurance professionals. The services and service providers discussed in this document are suggested as risk mitigation and incident response resources. Use of AXIS Incident Commander does not constitute advice of any kind, and use of any service provider does not guarantee the performance or quality of the services provided, including the avoidance of loss, the fulfilment of any obligations under any contract or compliance with any law, rule or regulation. AXIS is not responsible for the effectiveness of a cyber risk management program and encourages each policyholder, together with advice from their professional insurance advisor, to perform its own independent evaluation of any service provider as part of its overall risk management strategy.
