August 2022 Broker Update

Our expanded partnership with SiriusPoint and R&Q Accredited, keeping up with threat actors, and more.

Drop the thriller. We have your favorite new beach read right here — just as much action, but a lot less time consuming — the latest edition of Bird’s Eye. Behind? Reapply your sunscreen and catch up on our June newsletter here

For the latest in the cybersecurity world, a terminology refresher, and last but not least, the survival of the kakapo bird, keep reading:

What's New at Corvus

Our partnership with SiriusPoint and R&Q Accredited is growing. 

We’re excited to announce our expanded partnership with global specialty insurer SiriusPoint and reinsurer R&Q Accredited. This follows our initial agreement in September 2021, when we launched a multi-year partnership to support our Smart Cyber Insurance® offerings. The latest investment from SiriusPoint and R&Q Accredited adds an additional $100MM to the program, enabling us to invest further in our mission to make the world a safer place. 

Read the full announcement.

Cybersecurity Tips 

From VP of Risk + Response Lauren Winchester and CISO Jason Rebholz 

Have Clients with Corvus Score Qs? Let us help.

They should start with the vCISO Action Center on their Policyholder Dashboard. The vCISO Action Center provides a tailored and prioritized list of recommendations based on the Corvus Scan findings and the policyholder’s responses to the Security Questionnaire. The most critical issues — those with the highest likelihood to increase their Corvus Score and security posture — will be at the top. 

Of course, security isn’t always a straight path and is unique to each environment. However, having worked with thousands of policyholders on their cybersecurity journey, we can recommend best practices most likely to improve their score. For guidance, read our full article of best practices.

Threat actors are circumventing MFA. 

Threat actors used a single phishing campaign to target more than 10,000 organizations since September 2021, reports Microsoft. The approach seen here used a fake Microsoft login page, which allowed the attackers to steal their victim’s credentials and session cookie. By doing so, the threat actors were able to bypass certain forms of MFA altogether — the attackers could then move freely after, authenticated as their victim from the last login. Discover more on how threat actors are bypassing security measures.

🔍 Threat watch: The latest alerts and guidance on vulnerabilities.

On Your Radar

A roundup of recent commentary, analysis, and insights from our insurance experts

Back to the Basics: Your Cyber ABCs.

Need a refresher on the many, many acronyms and other terms in the cyber world? Looking at you, DDoS, MFA, BEC, and EDR (+ your other favorite tech-oriented vocabulary). Dust off your basic cyber expertise with our Cyber Insurance Terminology Guide.

Be in the (cybercrime) loop.

Tune in for weekly updates from the Corvus Threat Intel team on the who’s who (and the what’s what) of the always evolving threat landscape. This week: the Confluence Critical Vulnerability (CVE-2022-26138), macros, and MSPs as prime malware targets.

Corvus In The News

Bird Is The Word

Saving the world’s quirkiest bird from extinction? New Zealand is on it. The kakapo — the only flightless parrot! — has had its second most successful breeding season on record since the conservation program began in the 1970s. While once thought to be extinct, the population has grown to be around 216, now living (predator-free) off the coast of NZ.