What policyholders can expect from our risk prevention solution.
Our risk prevention solution, Corvus Signal™, combines threat intelligence insights, hands-on help from cybersecurity experts, and an online risk dashboard so that resources are readily available. Now that you are insured with Corvus, tailored threat alerts and personalized security recommendations await you.
The Corvus team is now your team. All tools and services within Corvus Signal are offered at no additional cost during your policy term — an estimated $86,000 value.
How does Corvus Signal work to mitigate risk?
We combine a 24/7 Risk Dashboard, continuous threat intelligence monitoring, and on-demand cyber advice from the Corvus team to mitigate cyber risk for policyholders. Our partnership approach works: policyholders that engage with our services are 20% less likely to experience a cyber incident. It includes:
1. Risk Insights
- Continuous threat intelligence monitoring
- Cyber alerts tailored for each organization
- Always-on security recommendations
- Third-party vendor and partner risk reports
2. Risk Advisory Services
- Introductory call with a Corvus cyber expert
- On-demand cyber advice from the Corvus team
- Optimized security spending guidance with vetted vendors
- Policy renewal preparation and support
3. Risk Dashboard
- On-demand access to risk-rated security suggestions
- Intuitive tools to validate and improve suggestions
- Easy-to-navigate Vendor Marketplace
- Access to policy documents and claims tracking
💲 Corvus Signal Endorsement: To reward policyholders for engaging with our risk prevention solution, and to encourage more to do so, we are adding a Corvus Signal Endorsement to all new and renewing policies (beginning in July 2023).
The Corvus Signal Endorsement allows engaged policyholders to reduce their claim retention by 25%.* Find out more.
How do Risk Insights work?
Through dark web monitoring, we catch new threats fast. On average, we provide a 15 day head-start to patch systems before widespread active exploitation begins. Our personalized threat alerts are sent directly to your inbox and are displayed on the homepage of your Risk Dashboard.
We know that you are busy running a business, so we only send alerts when they really matter (only 12% of the threats we research result in an alert) and 82% of those are later exploited in the wild.
What are Risk Advisory Services?
Our cross-functional team of in-house threat intelligence, cybersecurity, and incident response professionals have a proven track record of success at preventing or reducing the impact of cyber incidents.
Throughout your policy, we are available to address new, established, and evolving threats alike. When it comes time for renewal, the path to insurability is always clear.
✋ Hands-on help:
If you need help setting up your account or would like to request advisory services, you may contact us any time at: email@example.com
What is the Risk Dashboard?
The Corvus Risk Dashboard allows you to explore, prioritize and fix gaps in your cybersecurity posture, plus level up your security with discounted offerings from preferred partners. (To access your Dashboard, you will receive an invite by email after your insurance policy is finalized.) You can access the following:
- The Scan Results show your latest report from the Corvus Scan, our non-invasive IT security scan. This is the same scan that Corvus uses to help underwrite your policy. It locates and prioritizes vulnerabilities by looking at your IT system from the outside-in -- the way a hacker would. When you first access your Dashboard, this section will already be complete — no action required. The information is updated monthly, at minimum.
- The Security Questionnaire covers the security policies and programs at your organization through the answers to questions provided by you or someone at your organization. This is the “inside-out” view to the Corvus Scan’s outside-in view.
- The Action Center is where the above sources of information are brought together into a single, prioritized list of IT security recommendations. In addition to recommended actions, we’ll include our recommendations for which free or reduced-cost services from Corvus will be most helpful for your organization.
- The Vendor Marketplace is a centralized repository of thoroughly vetted partners that offer cybersecurity products and services. When exploring the Vendor Marketplace, you will be presented with “tiles” that include: descriptions of our cybersecurity partners, what categories of services or products they offer, and upon clicking an individual tile, it will connect you directly to the vendor.
Overview of Scan Results
We recommend starting by reviewing your Scan Results tab, found on the left-hand side navigation. This tab's report will be pre-filled, since we run a Corvus Scan on all policyholders on a regular basis. We recommend that you revisit this tab in the future to see if any information has changed as your IT system evolves over time.
💡 Tip: Many Corvus Policyholders set a recurring reminder on their calendar to check in on their Scan Results once a month to keep tabs on their security posture throughout the year.
At the top you'll see an overview with quantitative scores, and below that each of the sections can be expanded to reveal the specific findings of the scan. This may be helpful for reference later as you work to remediate any issues prioritized in the Action Center, but otherwise no actions are required on this page.
Once you've reviewed your Scan Results, click over to the Security Questionnaire.
Overview of Security Questionnaire
The Security Questionnaire is critical to getting the most from the vCISO Center. This is where we gather information about the policies and programs in place at your organization. This information is then combined with the Scan Results to form the optimal priority of personalized recommendations the Action Center (discussed in the next section).
Landing on the Questionnaire home page, you’ll see two options: Smart Controls and Security Advanced.
This quick, five-minute module covers basic aspects of security, and can be filled out either by a member of your IT department or anyone with a solid understanding of your organization’s IT. The questions cover categories like Email Security, Data Backup and Recovery, Privileged Account Management and Endpoint and Network Security. Most are simple “select all that apply” questions. The results from this section inform the action center and provide insights on how to better your security posture.
This module within the Security Questionnaire requires a more advanced understanding of your organization’s IT. It covers most of the same categories as the Security Essentials module, but drills in deeper with Yes/No questions regarding more specific aspects of security within each category. This is why we recommend adding a member of your IT department’s leadership team to the Corvus Risk Dashboard as part of your setup process. Filling out the Advanced module will enable the most complete set of recommendations in the Action Center.
A sample of the questions in the Security Advanced module of the Questionnaire
The Action Center is where the rubber meets the road in your vCISO experience. Information from your Corvus Scan results are combined with the answers given in the Security Questionnaire, leading to a complete picture of security and prioritized recommendations.
If you’ve not yet completed any portion of the Security Questionnaire, you’ll only see Action Cards pertaining to risks discovered in the Corvus Scan. (You may see none -- even if your numerical scores aren't perfect, there may be no actions with a high enough impact rating to be included in the Action Center). Once you complete at least one module of the Questionnaire, you’ll see Action cards that result from the answers you've given, with the most critical at the top of the list.
Each of these Action Cards can be expanded to reveal details about the issue discovered, with explanation from our Security Team. Once you complete the Actions described in the Action Card, select “Yes” to move that card to the “Completed” section.
Your Action Cards will be updated each time we refresh your Corvus Scan report (monthly, at minimum) to include any newly discovered issues. We also recommend revisiting the Security Questionnaire once per year to account for any changes that have taken place in your IT system.
💡Tip: When you use the button to move an Action Card to "Completed," this selection will also flow back to the relevant part of the Security Questionnaire. That way, when you revisit the security questionnaire in the future, it will include your most recent selections.
The Vendor Marketplace is a centralized repository of thoroughly vetted partners that offer cybersecurity products and services. When exploring the Vendor Marketplace, you will be presented with “tiles” that include: descriptions of our cybersecurity partners, what categories of services or products they offer, and upon clicking an individual tile, it will connect you directly to the vendor.
Corvus has strategic relationships with vendors in the marketplace to unlock preferred pricing. In the spirit of staying true to our mission of making the world a safer place, Corvus is not involved in any sales that occur within the marketplace and we hand off this preferred pricing to our policyholders. As a Corvus Policyholder, you can take advantage of discounts in the Vendor Marketplace to continue along your security journey. By doing this, we hope to help organizations become more secure while also being cognizant of budgetary constraints.