How to action your scan findings to improve your overall Corvus Score
Updated May 2022
The most frequent question we get from policyholders at Corvus is how they can improve their Corvus Score. The short answer: it depends. But today we’re providing a longer, and hopefully more helpful, answer to guide any policyholders embarking on a journey of cybersecurity improvement.
For the uninitiated: the Corvus Score is the headline number of our Corvus Scan Report. The Corvus Scan Report is an assessment of an organization’s internet-facing cybersecurity hygiene and insurance risk that is provided via the Policyholder Dashboard to all policyholders.
The Corvus Scan Report on your Policyholder Dashboard is designed to help you quickly identify the critical issues that will move the needle for your overall security. Improving your overall Corvus Score will help to put you in the strongest position when it comes time to renew your policy.
Below, we’ve gathered some best practices for how to improve your score. Following these may help boost any organization’s overall score.
Before you start, please note that the weights of different components of the score are dynamic. That is to say: we cannot predict the exact number of points any remediation action will net for your overall score, because there are many other factors involved. However, after working with thousands of policyholders, we are able to share what we know to be the highest impact actions for most organizations.
In order to maximize your efforts, navigate to the vCISO Action Center within your Policyholder Dashboard and focus on the Critical and High Vulnerabilities and Securing Remote Access.
Patching Critical and High Vulnerabilities
- Ensure all software is patched to the latest versions. This requires a strong patch management program that ensures software is patched promptly when new versions are released.
- If you need additional information about the CVEs listed in the report, you can search for each CVE in the National Vulnerability Database.
- For more information on the importance of software patching, please check out our CISO’s blog post: Prioritize Your Patching: A Risk based Vulnerability Management Approach.
Securing Remote Access
- This portion of the Corvus Scan will display any remote access ports the scan identified. Assess your external footprint to ensure that only the systems and network ports required for business functionality are publicly accessible. In addition, use reputable hosting providers.
- Organizations should implement Multi-Factor Authentication (MFA) for any remote access methodology.
- Some remote access services that we identify may no longer be in use; in that case, we recommend closing them.
- For those organizations that are still using RDP for remote access, you should migrate to a different technology such as VPNs or consider Zero Trust Network Access (ZTNA) solutions.
- If RDP is required for business functionality, organizations should consider implementing an allow list to only grant access to trusted sources. Organizations should also ensure that MFA is enabled and enforced for all user accounts. For more information, please check out our article What is RDP, and why is it a security concern?