Are you ready to protect your business from the unpredictable and constantly evolving world of cyber threats? Look no further than NH 360 Protect Warranty and our Cyber Insurance as a service!
In today’s digital landscape, securing your business goes beyond just firewalls and antivirus software.
With cyber attacks on the rise, having a comprehensive cybersecurity strategy that includes cyber insurance is no longer an option – it’s a necessity.
To be eligible for Cyber Insurance coverage, it’s essential to satisfy certain baseline criteria, all of which can be conveniently fulfilled through our NH 360 Protect Warranty.
What Do You Need To Qualify For NH 360 Protect Warranty?
- Industry-standard and up-to-date antivirus or comparable prevention tools are installed on endpoints.
- Multi-factor authentication.
- Data backups that are scanned for viruses are in place.
- PHI / PII encryption in place (if regulatory conditions apply, such as HIPAA standards).
- Commercially reasonable maintenance, including patches updates, must be made within 60 days of release.
- Continuous security training for employees with email, critical server, and network access.
- Out-of-cycle wire transfers and invoice routing information changes must be verified and documented by the participant.
Why You Should Invest in Cyber Insurance through NH 360 Protect Next Horizon Qualification
-
Comprehensive Coverage:
Cyber insurance offers a safety net that extends beyond traditional security measures. Our cyber insurance policies are designed to cover a broad spectrum of potential risks, including data breaches, ransomware attacks, and business interruption resulting from cyber incidents. This means you can focus on growing your business with peace of mind.
-
Tailored Protection:
Next Horizon works closely with you to understand your business’s unique vulnerabilities and needs. We tailor our cyber insurance solutions to your industry, size, and specific risks, ensuring that they are not one-size-fits-all. This ensures that you get the coverage you need without paying for unnecessary extras.
-
Financial Safeguarding:
The financial consequences of a cyber attack can be devastating. From legal fees and regulatory fines to reputation management costs, the expenses can add up quickly. Our cyber insurance helps mitigate these financial burdens by covering these costs, allowing you to navigate the aftermath of an attack without draining your resources.
-
Rapid Recovery:
In the event of a cyber incident, we offer more than just financial compensation. We provide access to a network of cybersecurity experts who can help you recover quickly and effectively. This includes IT specialists, forensic investigators, and legal advisors who work together to minimize the damage and get your business back on track.
-
Business Continuity:
A cyber attack can disrupt your operations, leading to revenue loss and customer dissatisfaction. With cyber insurance, you can rest assured that your business continuity is safeguarded. From data restoration to temporary workspaces, our policies include measures to help you maintain operations even in the face of adversity.
-
Reputation Protection:
Your reputation is priceless. A cyber attack can erode trust and damage your brand’s image. The cyber insurance we provide not only covers the costs of managing the fallout from a PR perspective but it also shows your clients and partners that you take cybersecurity seriously, enhancing your credibility and trustworthiness.
-
Stay Compliant:
In today’s regulatory environment, businesses are held accountable for protecting customer data and maintaining cybersecurity standards. Our cyber insurance solutions often come with guidelines to help you meet compliance requirements, ensuring that you’re always on the right side of the law.
Don’t wait until it’s too late.
The digital landscape is constantly changing, and cybercriminals are becoming more sophisticated by the day.
Protect your business, your customers, and your future with NH 360 Protect Warranty and the possibility to include the Cyber Insurance Policy add-on from Next Horizon. Reach out to Next Horizon today and take the proactive step towards securing your business in the digital age.
Cyber Insurance (Add-On) Coverage Summary
The Cyber Insurance (Add-On) Coverage offers a $3 million policy limit and is designed for warranty subscribers with company revenues ranging from $0 to $100 million. This specialized policy includes endorsements tailored to address various cyber risks.
Program Benefits & Limits
Certification Warranty |
Cyber Insurance |
|||||||
360 Protect 500KReimbursements up to $500,000 |
Cyber Insurance Add-OnPolicy $1,000,000 |
Cyber Insurance Add-OnPolicy $3,000,000 |
||||||
No Application /No Underwriting Required | YES | YES | YES | |||||
First Party Coverage | YES | $1,000,000 | $3,000,000 | |||||
Ransomware and BEC | $100,000 | $1,000,000 (Random Only) | $3,000,000 (Random Only) | |||||
Compliance and Regulatory Fines | $100,000 | $1,000,000 | $3,000,000 | |||||
Cyber Legal Liability Costs | $250,000 | $1,000,000 | $3,000,000 | |||||
Loss of Funds / Social Engineering | $50,000 | NO | NO | |||||
Digital Data Recovery | NO | $1,000,000 | $3,000,000 | |||||
Media Liability | NO | $1,000,000 | $3,000,000 | |||||
Third Party Coverage | NO | $1,000,000 | $3,000,000 | |||||
Deductible | NO | YES | YES | |||||
Value-Added Endorsements | NO | YES | YES |
*Some classes of business are restricted from participation.
Specific coverage features encompass data breach expenses, business interruption compensation, cyber extortion protection, third-party liability coverage, regulatory fines coverage, and more.
Additionally, the policy requires a retention fee, which functions as a deductible, that the insured company is responsible for before the coverage takes effect.
The exact policy endorsements and retention fee amount may vary based on the insurance provider and policy terms.
Remember, it’s not just insurance – it’s your shield against cyber threats!.
Obtaining these two services may help you save up-to 50% in Cyber Insurance!
Next Horizon invites you to explore the captivating realms of Cyber Security and Cyber Insurance. Our expertise and cutting-edge solutions can help protect what matters most to you.
Ready to embark on this journey with us? Contact Next Horizon today, and let’s secure a safer digital future together.
Certification Warranty Control Conditions Demystified Securing your Digital Landscape:
Understanding Certification Warranty Control Requirements
-
Vigilant Antivirus Protection
To ensure the highest level of security, participants are expected to implement and regularly update industry-standard antivirus or similar preventive tools on all endpoints within their network. In case of a reimbursement claim, it’s imperative to provide log data from affected endpoints to substantiate the claim.
-
Meticulous Maintenance Practices
Participants must engage in commercially reasonable maintenance practices, including promptly applying patches and updates within a 60-day timeframe from their release. It is advised to follow a consistent patching cadence, exercising due diligence within 60 days of the latest patch cycle release for optimal security.
-
Adherence to Compliance Standards
Participants are required to uphold data privacy principles and comply with any mandatory regulatory stipulations. If applicable, participants must adhere to the pertinent national, state, federal, and regulatory privacy and security policies.
This includes but is not limited to standards such as PCI, HIPAA, OSHA, SEC, and GDPR.
For participants subject to regulatory frameworks like HIPAA, PCI, SEC, or OSHA: An annual risk assessment must be conducted and documented. Protected Health Information (PHI) must be accounted for and inventoried before any incidents occur.
All personnel should undergo HIPAA training both prior to any incidents and within the preceding 12 months.
-
Fortified Multi-Factor Authentication
Multi-factor authentication (MFA) must be activated across all participant email accounts. It is indispensable for securing email accounts, servers housing critical data, cloud systems, and network access points.
-
Cultivating Security Awareness
The participant is responsible for instilling security awareness among its employees. All personnel are mandated to receive comprehensive security awareness training, empowering them to identify potential cyber threats.
A continuous program, inclusive of all employees with access to company email accounts, critical servers, and network resources, is highly recommended.
-
Safeguarding PHI and PII
Where regulatory conditions demand, such as in alignment with HIPAA standards, participants must ensure that PHI and PII encryption mechanisms are in place to protect sensitive information.
-
Robust Data Backup Practices
Data backup protocols must be established and maintained. The chosen backup solution should encrypt data at rest and undergo regular scans for viruses and malicious content.
Cloud-based backup solutions are permissible, provided they meet these stringent criteria.
-
Reinforcing Business Controls
To prevent unauthorized activities like out-of-cycle wire transfers and invoice routing changes, participants must adhere to rigorous business controls.
Any alteration requests must be verified and documented, providing a comprehensive record in case of potential security breaches.
-
Validating Through Log Data
For any warranty reimbursement claims, thorough verification is crucial.
All events related to potential security breaches must be supported by log data and supplementary documentation to substantiate the claims.
NH 360 Protect Warranty Reimbursement Costs
To Remediate A Detected Breach
Next Horizon provides a Certification Warranty known as NH 360 Protect $500k, which covers:
• $100k Ransomware & business email compromise*
• $100k Compliance & regulatory Failure
• $50k Business income loss
• $250k Cyber legal liability**
• Covers all endpoints
* Only if a ransomware or business email attack originates on your network.
**Customer must first exhaust any other applicable service guarantee.
Obtaining these two services may help you save up-to 50% in Cyber Insurance!
Next Horizon invites you to explore the captivating realms of Cyber Security and Cyber Insurance. Our expertise and cutting-edge solutions can help protect what matters most to you.
Ready to embark on this journey with us? Contact Next Horizon today, and let’s secure a safer digital future together.
Strengthened Resilience Through Enhanced Cyber Insurance
Introducing Fixed Rate Cyber Insurance Policy (Add-On)
As a testament to our commitment to your security, we are excited to present the Fixed Rate Cyber Insurance Policy, now available as an exclusive add-on for participants of the NH 360 Protect Warranty Program.
- Automatic Qualification: Customers enrolled in the Certification Warranty Program will be seamlessly eligible for substantial discounts upwards of 50% off on the Fixed Rate cyber insurance policies.
- Simplified Access: Say goodbye to cumbersome application processes. This program is readily accessible to businesses across various sectors* with annual revenues of up to $100M, eliminating the need for a separate application.
- Tailored Protection: Our Fixed Rate cyber insurance offering comes with flexible coverage options, starting from $1M limits, ensuring that your business is well-protected against a range of potential cyber risks.
Experience peace of mind and fortified resilience with our Cyber Security programs, designed to empower your business in the ever-evolving digital landscape.
*Some classes of business are restricted from participation. Contact Next Horizon to view the list of exclusions.
-
$1M Cyber Insurance Policy Add On
- For customers participating in an embedded warranty program.
- Revenue under $50M
$1,250 / year - Revenue $50M – $100M
$2,500 / year
-
$3M Cyber Insurance Policy Add On
- For customers participating in an embedded warranty program.
- Revenue under $50M
$9,500 / year - Revenue $50M – $100M
$15,000 / year
Frequently Asked Questions (FAQ) About Our NH 360 Cyber Security Assurance
NH 360 Protect offers reimbursement for the following event types:
- Ransom/BEC: Covers ransomware incidents, including remediation costs and ransom payments, or instances of business email compromise (BEC) leading to fund transfers or invoice fraud. This includes remediation expenses and the reimbursement of lost funds ($100,000 annually).
- Compliance Event: Addresses cyber breaches that trigger violations of regulations such as HIPAA, PCI, OSHA, and state-related mandates, resulting in penalties, fines, or related costs ($100,000 annually).
- Legal Liability: Covers lawsuits arising from cyberattacks, data loss, or media-related issues on your website, including legal defense and settlement expenses ($250,000 annually).
- Business Interruption: Provides coverage for security breaches causing loss of business income, net profit or loss prior to income taxes, and ongoing operating expenses impacted by the breach ($50,000 annually).
The loss resulting from business interruption is calculated as the net profit or loss before income taxes that would have been generated or incurred had the breach not occurred, alongside ongoing operating expenses influenced by the breach. The Carrier determines this calculation at its reasonable discretion.
Based on your agreement, business income is computed as 90-180 days of average revenue multiplied by the number of days of network downtime.
For coverage eligibility, the following conditions apply:
- The customer must be a current subscriber to our service, in good standing, within the affected environment.
- The customer should perform commercially reasonable maintenance, including timely patch and update application in line with our release cycle.
- Deploy an offline backup solution for critical business data.
- The customer must adhere to relevant state, federal, and regulatory privacy and security policies, including PCI, HIPAA, and SEC standards.
- All events require verification through log/event data. Note that 360 Protect does not respond to systemic infrastructure failures resulting in a ransom compromise to our covered service.
NH 360 Protect does not alter the terms or coverage of a cyber insurance policy. Many insurers recognize the capability of our program to mitigate or minimize cyber insurance claims.
Next Horizon can collaborate with your carrier to ensure proper acknowledgment and credit for this additional layer of protection.
Navigating Cybersecurity and Cyber Insurance: A Unified Approach
In today’s digital landscape, cybersecurity serves as the proactive defense mechanism, employing strategies and technologies to prevent cyber threats and breaches. It encompasses measures such as encryption, network security, and employee training, aiming to safeguard sensitive information and ensure business continuity.
On the other hand, cyber insurance operates as a reactive safety net, stepping in when preventive measures fall short. It provides financial support to manage the aftermath of cyber incidents, covering costs like data breach recovery, legal fees, and business interruption.
Together, these two pillars create a unified strategy—cybersecurity fortifies defenses, while cyber insurance mitigates financial risks, fostering a resilient ecosystem against the evolving cyber landscape.
Cybersecurity From Small to Mid-Sized Businesses
When it comes to cybersecurity, small businesses are especially vulnerable. In fact, 1 out of 20 small businesses lacks adequate preparation to handle a cyber-attack. From client management to internal operations and revenue generation, network security typically lags behind as a priority.
In crafting this document on Cyber Insurance and Cybersecurity, our aim is to provide businesses with a distinct advantage in safeguarding their data, clients, and employees from hackers and other malicious actors. Moving forward, you will discover valuable tips on initiating your journey toward optimal cybersecurity protection, encompassing:
- How to Perform a Cybersecurity Audit
- The Steps When Assessing Your Network Vulnerabilities
- The Basics of Setting Up A Cybersecurity Defense
- Definitions of Important Cyber Threats
- Important Cybersecurity Stats to Know
The State of Cybercrime
Breach Incidents by Type
Disguises for Distributing Malware
Cyber Attack Motivations
Malware infections have risen every year for the past decade.
Auditing Your Network Security
Amidst the modern digital landscape, cybersecurity holds paramount significance. If concerns about the vulnerability of your IT infrastructure linger, considering a cybersecurity assessment or audit becomes pivotal. Here’s a concise outline of the process, fortified by the protective measures of Cyber Security NH 360 Protect Certification Warranty.
“As cybersecurity leaders, we have to create our message of influence because security is a culture and you need the business to take place and be part of that security culture.”
-Britney Hommertzheim, Director of Cyber Threat Operations, Cardinal Health
-
Step 1: Set a Cybersecurity Baseline
Similar to regular maintenance checks for roofs or air conditioners, conducting a cybersecurity audit ensures the ongoing health of your digital environment. Moreover, the rapid evolution of technology introduces fresh opportunities for hackers to breach network systems and software.
To counter this imminent threat, consider the Cyber Insurance service offered by Next Horizon, NH 360 Protect, as an additional layer of protection. This comprehensive service not only addresses current vulnerabilities but also provides a proactive strategy to safeguard against emerging cyber threats. Integrating such a solution into your cybersecurity framework contributes to a more robust defense against potential risks in the ever-evolving digital landscape.
-
Step 2: List Assets
In order to perform an audit, you will first need to set the parameters and assets involved. Everything from digital equipment, sensitive customer or company information, and any other aspect of your business that requires protection can constitute assets.
Some examples of assets include:
- Computers
- Tablets
- Software
- Client or Customer Data
- CRMs, ERPs or other Control Systems
- Business Applications
- Proprietary Data
- Mobile Devices
- Network Equipment
- Cloud Systems
- Digitally Connected Secondary Systems Such as HVAC, Power Backups, etc.
-
Step 3: Define Security Threats
Now that you know what assets you want to test, you need to then develop a list of potential threats to look out for.
Here is a list of some of the more common threats a business may come across:
- Phishing Attacks
- Weak Passwords
- Stolen Passwords
- Employees Untrained in Cybersecurity Threats
- DDoS Breaches
- Malware
- Natural Disaster
- Equipment Theft
An Area of Focus: Ransomware
Modern-day ransomware attacks have evolved from inconvenient viruses launched by deviant hackers, to sophisticated systems that adopt the same practices and tactics of the corporate businesses they target. With that said, ransomware is a form of malicious software designed to exploit digital systems by infiltrating a network, then denying access to the rightful owners. Ransomware allows hackers to hold a device, company data, or an entire network hostage, until the victim cedes to their demands.
According to Cybercrime Magazine, the annual cost of cybercrime is expected to hit $5 trillion by 2024.
Ransomware Attacks Start with Exploiting Trust
Hackers are experts in the art of disguise. It all starts with an alluring façade, a convincing email or an offer from what appears to be a trusted source, in order to earn your trust.
Once they hook your attention, it only takes a single link to compromise your data. What’s more, hackers routinely hunt for vulnerabilities in digital networks in order to capitalize on opportunity.
Cybercriminals create access points into your business by disguising them as trustworthy websites, downloadable content, or essential software. It’s far more subtle than you might think.
Where Ransomware Attacks Lurk
- Phishing emails
- Downloadable content
- Malicious websites
- Unsecure VPNs (virtual private networks)
-
Step 4: Have an External Party Conduct Audit
The only way to truly assess your network security is through an outside IT company. Your internal team may be trustworthy and proficient, but they can sometimes miss something that an outside firm will catch.
Make sure you choose a company that has real experience assessing and protecting network security infrastructures. Be sure to provide your complete list of security procedures and system data as well as the focus you prefer for the audit. Once you have provided everything the outside firm needs, they can begin their audit.
What Tests Will an Outside Auditor Perform?
Security Risk Report
The risk report encapsulates findings from the security audit, shedding light on the overall robustness of your network environment’s security and protocols. Informed by diverse factors, the IT firm will pinpoint the vulnerabilities within your network, assigning scores to each category.
Encompassing dark web scans and assessments of internal and external vulnerabilities, the risk report offers a comprehensive snapshot of your security infrastructure, further strengthened by NH 360 Protect, Next Horizon’s Cyber Insurance service.
The network security risk report typically includes scores on, but is not limited to the following variables:
- Compromised Passwords Found On The Dark Web
- Critical External Vulnerabilities Detected
- Account Lockout Disabled
- Medium External Vulnerabilities Detected
- Password Complexity Not Enabled
- Password History Not Remembered For At Least Six Passwords
- Inconsistent Password Policy / Exceptions To Password Policy
- Lack Of Web Filtering
- Open Or Insecure Wi-Fi Protocols Available
- Local Security Policy Consistency
- Searched Web Content Analysis
“Thinking of cybersecurity solely as an IT issue is like believing that a company’s entire workforce, from the CEO down, is just one big HR issue.”
-Steven Chabinsky, Global Chair of Data, Privacy & Cybersecurity at White & Case LLP</span?
Consolidated Security Report Card
The Computer Security Report Card assesses individual computers at a high level based on various security criteria. The report card should be viewed as a relative measure as to how well a computer complies with security best practices.
There may be specific reasons or compensating controls that may make it unnecessary to achieve an “A” in all categories to be considered secure.
Computer Security Report Card Sample
“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”
-Stéphane Nappo, Global Chief Information Security Officer at Société Générale International Banking</span?
External Vulnerability Scan
An external vulnerability scan allows us to put on the hat of a hacker. Performed outside of your network, our external scan detects potential vulnerabilities including open ports in your firewall or any other opening that could enable hackers to infiltrate your network.
An Example of an External Vulnerability Report Item
-
Step 5: Review Results and Make Any Necessary Adjustments
Following a thorough discussion of the reports with your team, you should gain a comprehensive understanding of the vulnerabilities and strengths related to your network security. This insight may necessitate the reworking of processes and protocols to effectively address and respond to these identified vulnerabilities. By incorporating necessary adjustments, your organization can enhance its overall cybersecurity posture and better safeguard against potential threats.
Setting Up the Basics for a Strong Cybersecurity Defense
Much of cyber defense is pragmatic thinking and planning, but you have to know where to start. Here are some of the best practices to keep your cyber defense strong.
Almost 90% of cyber-attacks are caused by human error or behavior. Much like the rules in your employee handbook, you must train your employees on how to act to reduce liability.
-
Set Up a Firewall
A firewall is a network security system that monitors and controls traffic going into and out of your network based on predefined rules. Basically, a firewall is the doorman to your network. It is the barrier between the internal network you trust and the untrusted network- which is essentially everything else.
You can set up your firewall to blacklist or whitelist IP addresses, MAC addresses and ports. Firewalls secure your first line of cyber defense from cybercriminals.
-
Back-Up Important Business Data
You never know when or where a cyber-attack will emerge to disrupt your network, so it’s important to consistently back up your critical business data.
Configure your network to automatically back up on a schedule, ensuring that the backup data is stored in a location distinct from its current storage.
-
Install the Latest Anti-Virus and Anti-Malware Software
Emphasizing the critical aspect of the keyword “latest” in the title, it’s vital to recognize that virus definitions and cybercriminal tactics evolve regularly.
Neglecting even a single update could potentially expose your system to intruders. Therefore, it is imperative to ensure that your software is consistently and fully updated to effectively shield your network from a range of cyber threats, including viruses, malware, spyware, ransomware, and other potential security risks. Regularly updating your software serves as a proactive measure in maintaining the security and integrity of your digital environment.
-
Secure and Hide Your Network
When you initially purchase your router and other Wi-Fi equipment, it is not secure. You will want to create a unique password and one that’s not easy to guess. Hide your network so that it doesn’t come up on general Wi-Fi scans.
If you have remote workers, you may want to invest in a Virtual Private Network, or VPN. A VPN can help keep secure, encrypted tunnels between remote networks and the office network.
-
Train, Train, Train!
Human error or behavior causes almost 90% of cyber-attacks. Therefore, much like the rules in your employee handbook, it is imperative to train your employees on how to act to reduce liability.
Indeed, fortifying your organization’s cybersecurity demands that employees possess proficiency in various essential practices. This encompasses adeptly recognizing malicious emails, formulating high-quality passwords, integrating two-factor authentication, and judiciously managing sensitive company and client data. By assuring that your workforce excels in these crucial areas, you establish a robust defense mechanism against potential cyber threats. This proactive approach significantly contributes to maintaining a secure digital environment for the seamless and protected operation of your business. This proficiency significantly contributes to maintaining a secure digital environment for the seamless and protected operation of your business. Implementing these proactive measures is crucial not only for preventing potential threats but also for maintaining a secure digital environment. By incorporating these practices into daily operations, your team plays a pivotal role in fortifying the overall cybersecurity framework and safeguarding the integrity of sensitive information.
This step is vital to keeping your business safe and secure from external cyber threats. Consequently, investing in comprehensive employee training becomes an essential component of your overall cybersecurity strategy.
-
Create and Follow a Cybersecurity Plan
In many cases, creating a cyber-defense plan should be the very first thing that an organization does when trying to assess and mitigate risk. However, many businesses may not have the time or expertise to create an effective cybersecurity strategy.
From internal and external vulnerabilities to detailed policies, a lot goes into crafting an effective network security plan. Therefore, you may want to consider engaging with a trusted IT company that specializes in cyber defense. This is especially crucial as they can provide expertise and resources to bolster your network security measures. Additionally, by collaborating with such professionals, you can ensure a comprehensive and tailored approach to safeguarding your digital infrastructure.
If you are creating a plan on your own, it is crucial to ensure that you document all policies clearly and make them available to all your employees. Moreover, make sure the plan includes all mobile devices, such as phones, wearable fitness trackers, smartwatches, and anything else with wireless capabilities. This is essential for maintaining a comprehensive and inclusive approach to cybersecurity within your organization. By doing so, you can enhance awareness and adherence to security measures across various devices and platforms.
Free Network Security Assessment from Next Horizon!
Why choose Next Horizon for your Network Security Assessment?
- Industry Expertise: Drawing on years of cybersecurity experience, our experts possess the expertise to assess the security posture of your network
- Customized Solutions: We tailor our recommendations to your unique business needs, ensuring a practical and effective security strategy.
- Comprehensive Analysis: Our assessment covers everything from firewall configurations to employee security training, leaving no stone unturned.
IT Services
Who is Next Horizon?
Next Horizon provides holistic technology solutions for businesses looking to improve sales, increase agility and optimize productivity. From improving and maintain IT infrastructure to building bespoke business applications, Next Horizon uses its 40+ years of experience and award winning talent to provide technical business solutions for its clients.
Some of Our IT Solutions Include:
- Security Strategy, Testing and Implementation
- Application Development
- Technology/CIO Consulting and Strategy
- IT Managed Services
- Cloud System Installation and Maintenance
- Data Recovery and Forensics
- Hosting
- IT Support/Help Desk