Overview
Prepare, Protect, Respond
Onboarding call
Bringing in guidance from the start
The AXIS Cyber onboarding call is the first step in elevating the cyber resilience journey. The Cyber Risk Advisory team hosts a one-hour session which includes:
- Review complimentary and discounted resiliency services
- Steps to engage and stay connected
- More about 24/7/365 Incident Commander support in the event of a cyber incident
- Overview of claims process and pre-approved panel vendors
Who is eligible?
Any primary cyber insurance policyholder of AXIS is eligible for a complimentary onboarding call with a member of the AXIS Cyber Risk Advisory team.
Who should attend?
Typical attendees include Chief Information Security Officer (CISO), IT Director, Risk Manager, General Counsel, and others as desired. Customers may choose to include their cyber insurance broker or agent.
How to sign up?
To schedule complimentary onboarding call, please email [email protected]
Cyber Resiliency Services
Elevating business protection
A cyber incident can be devastating for an organization, causing significant business interruption and reputational damage.
AXIS provides primary cyber insurance policyholders a set of complimentary and discounted services from selected experts, to elevate business protection, save on security budgets and find the right expertise to address insureds’ biggest concerns.
To engage in onboarding with the AXIS Cyber Risk Advisory team, email [email protected]
Complimentary services:
Planning session, customized scenario modules, up to a four-hour exercise (remote), written report with recommendations for improvement, and debrief meeting for Q&A.
A multi-hour assessment of business risk as it relates to 38 of the top NIST (National Institute of Standards and Technology) controls, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting with a cyber security professional.
One-hour consultative session with a cyber security expert for tailored guidance. Topics often include specific control implementation/configuration discussions, best practices, and security budget prioritization.
A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.
One-hour consultative session with AXIS preferred provider panel members, including:
- Breach/Privacy Attorney
- Business Interruption Accounting
- Crisis Communications
Discovery questionnaire and debrief session to review one primary domain for Microsoft 365, with a best practice review session by a cyber security professional and summary of key recommendations.
Risk assessment to discover and resolve gaps in Multi-Factor Authentication (MFA), service accounts, and privileged access protection. Receive risk assessment report and identity incident response playbook.
Work with a data privacy expert to engage in a 30-minute session review current and emerging regulatory landscape relating to AI that may impact your organization.
An in-depth review of threat detection configurations, policies and rules, integrations with other security tools, and enhancement.
Up to two hours to review incident response plan, capabilities, scenarios with a meeting to discuss templates, recommendations and best practices.
A multi-hour assessment of business risk as it relates to 38 of the top NIST (National Institute of Standards and Technology) controls, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting with a cyber security professional.
One-hour consultative session with a cyber security expert for tailored guidance. Topics often include specific control implementation/configuration discussions, best practices, and security budget prioritization.
A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.
One-hour consultative session with AXIS preferred provider panel members, including:
- Breach/Privacy Attorney
- Business Interruption Accounting
- Crisis Communications
Discovery questionnaire and debrief session to review one primary domain for Microsoft 365, with a best practice review session by a cyber security professional and summary of key recommendations.
Risk assessment to discover and resolve gaps in Multi-Factor Authentication (MFA), service accounts, and privileged access protection. Receive risk assessment report and identity incident response playbook.
Work with a data privacy expert to engage in a 30-minute session review current and emerging regulatory landscape relating to AI that may impact your organization.
An in-depth review of threat detection configurations, policies and rules, integrations with other security tools, and enhancement.
Discounted services:
Work with one of several expert facilitators to conduct planning sessions, select relevant scenario modules, conduct an executive-level exercise (up to four-hour remote session), receive a written report with recommendations for improvements, and debrief meeting for Q&A.
Work with a qualified team to conduct internal/external technical testing, web app testing, social engineering, wireless/physical testing, and/or ransomware simulation testing.
Implement one of several programs to customize and distribute end-user training content, including phishing simulations, with reporting and metrics.
Receive expert support in documenting current and planned use of AI solutions. Based on this information, the team will develop a pragmatic roadmap with tailored guidance to mitigate legal and regulatory compliance risks.
Work with one of several expert facilitators to conduct planning sessions, select relevant scenario modules, conduct an executive-level exercise (up to four-hour remote session), receive a written report with recommendations for improvements, and debrief meeting for Q&A.
Work with a qualified team to conduct internal/external technical testing, web app testing, social engineering, wireless/physical testing, and/or ransomware simulation testing.
Implement one of several programs to customize and distribute end-user training content, including phishing simulations, with reporting and metrics.
Receive expert support in documenting current and planned use of AI solutions. Based on this information, the team will develop a pragmatic roadmap with tailored guidance to mitigate legal and regulatory compliance risks.
This material is provided for informational purposes only and is not an offer to sell, or a solicitation to buy, any particular insurance product or service for a particular insured. It is intended for licensed insurance professionals. The services and service provider discussed in this document are suggested as risk mitigation and incident response resources. Use of AXIS Incident Commander does not constitute advice of any kind, and use of any service provider does not guarantee the performance or quality of the services provided, including the avoidance of loss, the fulfilment of any obligations under any contract or compliance with any law, rule or regulation. AXIS is not responsible for the effectiveness of a cyber risk management program and encourages each policyholder, together with advice from their professional insurance advisor, to perform its own independent evaluation of any service provider as part of its overall risk management strategy.