Disruptive Seasons Spring 2022 – Sean Remnant
Sean Remnant: Hello, everyone. My name is Sean Remnant. I’m from a company called Ignition Technology. We’re a distributor for Cloud SASS, security based solutions and services in the UK and across India today. I was just going to share with you a little bit of insight from the intel…
Sean Remnant: Hello, everyone. My name is Sean Remnant. I’m from a company called Ignition Technology. We’re a distributor for Cloud SASS, security based solutions and services in the UK and across India today. I was just going to share with you a little bit of insight from the intel that we get from the position that we’re in the market.
We were a trade-only organisation, so we deal with properly your partners, your security partners, and basically, we bring in new and emerging technology from the likes of the US or from Israel and we bring it to the geographies for our partners to bring to you our customers. Basically satisfying security challenges for today’s market. So with security focussed, we support Amir and we basically specialise in bringing in that new technology into regions which focus just on software service and cloud security. And we’ve probably evaluated over 1500 technologies in the last six years.
The team? years of experience. But part of the teams that have brought in the likes of Palo Alto Networks, F5, FireEye into the UK and numerous awards collected over there over the last few years. Why do we exist? There’s a lot of confusion in the market. The market is absolutely saturated with cyber security solutions. We see thousands of new start-ups popping up every year, all trying to get mindshare from our from our customers and from our sales, saying they’ve got the latest and greatest, best technology to address today’s security concerns.
What we’ve also seen is a huge shift away from hardware to software and SAS and cloud-based solutions. A lot of legacy and traditional solutions have been very perimeter centric, very hardware-centric. And we’ve seen a huge shift in the last five years, especially in the current climate over the last couple of years, where people have been working from home, accessing services and workloads that are completely geographically dispersed. So we focus on solving business, business challenges around security, things like securing the Microsoft stack, focussing on identity, which we believe is the cornerstone of all security.
Everything boils down to a strong identity platform. Hot topics like ransomware, digital transformation, which we have seen expedited over the last couple of years, and also things that may be deemed as marketing terms like Zero Trust. And we can help demystify and provide clarity around some of those topics. And then the thing I wanted to just touch on today and the main point of this presentation today is what we’re hearing from the industry around cyber insurance. So what are some of the things that we’re seeing in the market? Well, with the introduction of digital transformation and certainly over the last few years, we’ve seen the attack surface absolutely explode.
What do we mean by that? Well, with workloads, servers, users, applications all being moved to the cloud and geographically dispersed, that creates a much bigger target for the would-be attackers. And that actually requires a completely different approach to traditional perimeter technology and perimeter security solutions that we’ve been used to in the past. What we see now is that identity really is the new perimeter. Who’s the person behind the device? What can they access and when can they access it and how should they have that permission? We’re also seeing the volume, velocity and variety of attacks growing exponentially.
We’ve seen things like the Colonial Pipeline attack, the things like the SolarWinds attack, Kadcyla, and all of these attacks are growing in terms of scale and the amount of people that they’re actually affecting. What we’ve also seen is an increase in regulation and compliance. People need to provide a lot more visibility, a lot more reporting on their infrastructure, what people are doing, how they’re doing it, and everything is accountable. And the knock-on effect of that is there’s been an explosion in the amount of technology that an organisation deploys around security. And this also has its own challenges because, with that increase in the amount of security solutions, you need more resource. And I think we all know that there’s not enough resource in any geo at the moment to basically provide assistance, support, configuration, expertise around these technology areas.
So it’s a real challenge and enterprises really are struggling to keep up with the rate of change. So one area I wanted to talk to you about today was what we’re seeing in the insurance industry. We’re lucky enough that where we sit in the market, as I say, we’re a trade-only organisation, but we do with hundreds of security partners in the in the UK and across a mirror. And what that means is we actually have visibility over buying trends and actually feedback from those security partners to what their customers are actually telling them or asking them for. So what we do know is that most organisations, I think over 65% of organisations are looking to cyber insurance to basically minimise the financial impact of a breach or a cyber security attack. And that’s across all verticals.
So much like you or I want to ensure our most precious items are our house, our car, our pets. Organisations are looking to get cyber insurance on their business. Now that over the last couple of years has been relatively easy to do and actually it’s been easy to do because the insurance companies probably haven’t had the knowledge and visibility of the metrics needed to underwrite an organisation’s insurance. The knock-on effects of that is that everyone’s run out to get cyber insurance. But now pretty much the cyber insurance industry is being caught on the back foot because of the scale and the number of attacks that we talked about previously. What we know is the frequency of attacks has gone up nearly 500% since 2018. So what we’re seeing is basically a lot of organisations making a lot of claims on the insurance industry and the insurance industry is now starting to have to wising up.
What does that mean? Well, initially it means that the cost of your premiums are going to go up. It’s like the cost of a car insurance premium is a lot more for an inexperienced driver because the likelihood of them crashing is a lot more than for an experienced driver. So actually what we’re starting to see is a hardening of the market. The insurance organisation is becoming more knowledgeable about the space and therefore they’re adjusting their premiums and their offerings accordingly. We’ve had partners come to us saying that customers were being underwritten for a risk 80% last year and now just 10% because the risk of breach and an attack is so much higher. What we’re also saying is that insurance premiums are increasing 400 to 800% in some cases, and that’s because there are far more claims being made against those organisations.
What we’re also seeing is those insurance companies going back to the customer saying can you co insure the risk because they don’t want to take the burden or themselves. So what we’re starting to see is that the insurance companies are now basically going to the organisations and saying, you know what, you got to make sure that you’ve got all the technical controls in place so that you’re a low risk so we can ensure you. And again, using the analogy of cars, the insurance companies are basically saying you need an amputee. You need to make sure you’ve got tread on your tires. You need to make sure your wipers work, your headlights work. You need to make sure you’re in good shape before we then take on the risk of insuring you.
Now, that’s gone a step further, where we’re also hearing that the insurance companies are basically saying, unless you’ve got those basic security hygienes in place, we’re not going to insure you. Again, it’s a bit like saying, have you got an impact on your car? If you’ve got a motor, it means, you know, you’ve done all the pretty much the right things and we will insure you liken it to car insurance. We’re basically saying, have you got these technical controls in place? If you haven’t, we won’t even quote you. So the insurance companies are pushing back on organisations saying, you know, make sure that you’ve got your organisation as secure as possible and then we’ll take that insurance risk with you. So what we see, and this is probably kind of a areas that those insurance companies are starting to say that you must have something in place, things like endpoint detection and response.
Have you looked after the endpoints in your environment? Have you got that? Have you got antivirus? Have you got anti-malware? Have you got a way of finding out what’s happened on that endpoint? Basic things. Have you got multifactor authentication? Can you prove who’s behind a particular device and what are they accessing and making sure that you authenticate that user, you know who they are before they access something. Privileged access management. If you’ve got things like admin accounts or service accounts, make sure you’re in control of them. Because if you get hit by ransomware or malware, the first thing that’s going to go after is your privilege users because they’ve got the most power in your organisation. We saw with a number of the attacks over the last year, the credentials and the privilege credentials were the target for those attacks because they allow the would-be attacker to basically move a laterally spread move around that environment with the least resistance. Things like asset management, do you know is an organisation what you own again another scenario that we saw with the SolarWinds attack, it took people far too long to understand where those servers, what servers they had, where those servers were, and did they have SolarWinds installed? Have they got the ability to track, investigate incidents? So have they got those solutions that provide a SOC as a security operations centre or have they outsourced that function, which many do if they haven’t got the resource, but they need that function to say what’s happening in that environment? Local admin rights? Can anybody just access things on your local employee? Can a would-be hacker or some malware basically just take over that machine and do what they like? Make sure you’re in control of the accounts on those endpoint servers and they administer of accounts of some of your applications, including SAS.
SAS is really being overlooked at the moment in terms of, you know, cloud security, posture management, but also SAS security, who’s got access to Salesforce Office 365, your Microsoft Identity stores, make sure you’re in control. Obviously, if you did get hit, make sure you’ve got some backup procedures in place, and make sure you can roll back to a known good state where possible. And then probably the last thing which is as important as all the rest, make sure your staff are trained. There are lots of solutions out there that can send out things like phishing campaigns to help educate your end-users, which are often the weakest point in any environment. So just to wrap up the cyber insurance company that’s helped where they could, they’ve started to become more educated that actually this is really a high-risk area and organisations really do need to be doing as much as they can themselves as well rather than just offloading the risk onto the insurance industry. So if you need more information, please contact us. We’re always available. Ignition technology dot com and we can help you through that journey and minefield of getting insurance. And actually what’s more important reducing the risk of your organisation helping you to stay safe. Thank you.