This is a bit like a motor insurer installing a black box in your car to identify risky behaviour or a medical insurer getting you to have a health check before issuing cover. I’d like to see a discount offered for companies that undertake third party assurance, rather than rely on the insurers to force it upon them…:
[…] To battle the rising tide of ransomware insurance claims caused by exposed RDP servers and vulnerable devices, cyber insurance company Corvus utilizes security scans as part of their underwriting process.
Corvus Scan is a non-invasive security scan that examines a customer’s network for exposed RDP servers, vulnerabilities in gateway devices and servers, and public-facing concerns.
The insurance company then provides a report to the customer about what equipment needs to be secured, including exposed RDP servers.
“Every customer receives the findings of the Corvus Scan with their insurance quote, and a detailed report with detailed security recommendations once purchased,” Corvus told BleepingComputer.
Since introducing Corvus Scan 2.0 in April, Corvus states that the amount of ransomware-related claims has dropped by 65% with zero claims in new customers caused by breaches through RDP.