Overview

Prepare, Protect, Respond

Prepare

  • Onboarding call with the AXIS Cyber Risk Advisory Team
  • Learn about complimentary and discounted services
  • Explore our pre-approved panel

Protect

  • Engage in selected services
  • Stay aware of threat advisory and incident commander insights
  • Register for the AXIS Safe Room, a secure online platform

Respond

Incident Commander 24/7/365
Call: 1-844-IC4-AXIS (1-844-424-2947)
Email: [email protected]

Onboarding call

Bringing in guidance from the start

The AXIS Cyber onboarding call is the first step in elevating the cyber resilience journey. The Cyber Risk Advisory team hosts a one-hour session which includes:

  • Review complimentary and discounted resiliency services
  • Steps to engage and stay connected
  • More about 24/7/365 Incident Commander support in the event of a cyber incident
  • Overview of claims process and pre-approved panel vendors

Who is eligible?

Any primary cyber insurance policyholder of AXIS is eligible for a complimentary onboarding call with a member of the AXIS Cyber Risk Advisory team.

Who should attend?

Typical attendees include Chief Information Security Officer (CISO), IT Director, Risk Manager, General Counsel, and others as desired. Customers may choose to include their cyber insurance broker or agent.

How to sign up?

To schedule complimentary onboarding call, please email [email protected]

Cyber Resiliency Services

Elevating business protection

A cyber incident can be devastating for an organization, causing significant business interruption and reputational damage.

AXIS provides primary cyber insurance policyholders a set of complimentary and discounted services from selected experts, to elevate business protection, save on security budgets and find the right expertise to address insureds’ biggest concerns.

To engage in onboarding with the AXIS Cyber Risk Advisory team, email [email protected]

Complimentary services:

Complimentary services

Incident Response Plan Review or Workshop

Planning session, customized scenario modules, up to a four-hour exercise (remote), written report with recommendations for improvement, and debrief meeting for Q&A.

Complimentary services

Rapid Risk Assessment

A multi-hour assessment of business risk as it relates to 38 of the top NIST (National Institute of Standards and Technology) controls, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting with a cyber security professional.

Complimentary services

Virtual CISO Consulting Session

Up to one hour of consulting with up to five different security experts. Topics can range from specific control implementation/configuration discussions to higher CISO-level consulting.

Complimentary services

AXIS Safe Room - powered by CYGNVS

A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.

Complimentary services

Advisory Sessions

  • Breach Counsel Up to one hour of legal advice with any of our four breach counsel law firms to discuss breach/claim process and legal/regulatory considerations
  • Crisis Communication Up to one hour of crisis communication consulting with up to two firms, on topics such as internal/external communication/notification issues, potential templates, etc.
  • Business Interruption Accounting Up to an hour of advisory/Q&A to understand what information is needed to calculate business interruption reimbursements, ideally setting the right level of expectations.

Complimentary services

Microsoft O365 Security Assessment and Information Sharing

Discovery questionnaire and debrief session to review level of risk within one primary domain for Microsoft O365 through a Best Practices Review.  Review and information sharing led by a cyber security professional presenting current best practice gaps and summary of key recommendations.

Complimentary services

Incident Response Plan Review or Workshop

Complimentary services

Rapid Risk Assessment

Complimentary services

Virtual CISO Consulting Session

Up to two hours to review incident response plan, capabilities, scenarios with a meeting to discuss templates, recommendations and best practices.

A multi-hour assessment of business risk as it relates to 38 of the top NIST (National Institute of Standards and Technology) controls, utilizing a risk visualization platform to present findings and recommendations in a report and debrief meeting with a cyber security professional.

Up to one hour of consulting with up to five different security experts. Topics can range from specific control implementation/configuration discussions to higher CISO-level consulting.

Complimentary services

AXIS Safe Room - powered by CYGNVS

Complimentary services

Advisory Sessions

Complimentary services

Microsoft O365 Security Assessment and Information Sharing

A secure place for out-of-band communication and incident management. It can serve as a repository for critical documents to help respond and recover.

  • Breach Counsel Up to one hour of legal advice with any of our four breach counsel law firms to discuss breach/claim process and legal/regulatory considerations
  • Crisis Communication Up to one hour of crisis communication consulting with up to two firms, on topics such as internal/external communication/notification issues, potential templates, etc.
  • Business Interruption Accounting Up to an hour of advisory/Q&A to understand what information is needed to calculate business interruption reimbursements, ideally setting the right level of expectations.

Discovery questionnaire and debrief session to review level of risk within one primary domain for Microsoft O365 through a Best Practices Review.  Review and information sharing led by a cyber security professional presenting current best practice gaps and summary of key recommendations.

Discounted services:

Discounted services

Incident Response Tabletop Exercise

Planning session, Incident Response Plan review, tailored scenario developed based on insured company/concerns, up to a four-hour exercise (remote or on-site), written report with recommendations for improvement and debrief meeting for Q&A.

Discounted services

Penetration Testing Services

Internal/external technical testing, web app testing, social engineering, wireless/physical testing, ransomware simulation testing, etc. services available.

Discounted services

Unlimited Training, Awareness and Phishing License

Unlimited license to distribute and customize training content, presentation, phishing simulations, with reporting and metrics.

Discounted services

Enhanced Multi-Factor Authentication and Just-In-Time Identity Management License

Full license to deploy a leading-edge advanced authentication and just-in-time identity management for better account access and permission management.

Discounted services

Incident Response Tabletop Exercise

Discounted services

Penetration Testing Services

Discounted services

Unlimited Training, Awareness and Phishing License

Planning session, Incident Response Plan review, tailored scenario developed based on insured company/concerns, up to a four-hour exercise (remote or on-site), written report with recommendations for improvement and debrief meeting for Q&A.

Internal/external technical testing, web app testing, social engineering, wireless/physical testing, ransomware simulation testing, etc. services available.

Unlimited license to distribute and customize training content, presentation, phishing simulations, with reporting and metrics.

Discounted services

Enhanced Multi-Factor Authentication and Just-In-Time Identity Management License

Full license to deploy a leading-edge advanced authentication and just-in-time identity management for better account access and permission management.

This material is provided for informational purposes only and is not an offer to sell, or a solicitation to buy, any particular insurance product or service for a particular insured. It is intended for licensed insurance professionals. The services and service provider discussed in this document are suggested as risk mitigation and incident response resources. Use of AXIS Incident Commander does not constitute advice of any kind, and use of any service provider does not guarantee the performance or quality of the services provided, including the avoidance of loss, the fulfilment of any obligations under any contract or compliance with any law, rule or regulation. AXIS is not responsible for the effectiveness of a cyber risk management program and encourages each policyholder, together with advice from their professional insurance advisor, to perform its own independent evaluation of any service provider as part of its overall risk management strategy.