Cybersecurity Archives | Dataprise

Understanding the Microsoft CrowdStrike Outage: Key Insights
https://www.dataprise.com/resources/blog/understanding-the-microsoft-crowdstrike-outage-key-insights/
Mon, 22 Jul 2024 19:32:36 +0000

In our highly connected world, even the big players in cybersecurity like Microsoft and CrowdStrike can hit a bump in the road. When they face an outage, it’s a big deal because it shows that even top-notch systems have their weak spots. This reminds us all just how crucial strong cybersecurity is for keeping our data and services safe from sophisticated threats.

Let’s break down what happened with the Microsoft CrowdStrike outage, how it impacted the world, and what steps were taken to fix it. By understanding these details, we can better grasp the challenges of managing cybersecurity in our digital age.

What Happened: Understanding the Outage

Overview of the Incident

The Microsoft CrowdStrike outage was a major event that kicked off early on a Friday. The trouble started with a software update from CrowdStrike, targeting their Falcon sensor security software on Microsoft Windows. This update caused widespread “blue screens of death,” those infamous error screens on Windows.

Details of the Affected Updates

CrowdStrike’s update was supposed to enhance the Falcon sensor’s ability to detect new cyber threats. Instead, it had a logic error triggered by a routine sensor configuration update. This update rolled out just after midnight EST on Friday and led to system crashes.

Immediate Impacts Detected

The effects were severe and widespread, hitting various sectors globally. Critical services like air travel faced massive disruptions, with thousands of flights canceled and delays piling up. The healthcare sector was also hit hard, with some surgeries postponed and emergency services experiencing outages. This incident highlighted how essential cybersecurity software is to our modern digital infrastructure.

Global Impact of the Incident

The Microsoft CrowdStrike outage had a far-reaching impact, affecting multiple sectors and regions. Here’s a closer look:

Affected Sectors (airlines, healthcare, financial services)

The airline industry was hit particularly hard, with over 4,295 flights canceled globally, causing chaos at airports. Healthcare systems like Mass General Brigham and Emory Healthcare had to postpone services and revert to manual systems. Financial services also suffered, with disruptions in payment systems and customer access at banks worldwide.

Geographical Spread of the Outages

This wasn’t just a local issue—it affected services across the U.S., Canada, the UK, Europe, and Asia. Major U.S. cities saw disruptions in healthcare and public transportation, while the UK’s National Health Service faced setbacks in managing patient records and appointments.

Operational Consequences on Businesses

Businesses worldwide faced operational hurdles. Amazon warehouse employees struggled with schedule management, and Starbucks temporarily closed stores due to mobile ordering issues. Big corporations like FedEx and UPS reported substantial disruptions affecting logistics and deliveries. This outage underscored how crucial stable and secure IT infrastructures are for modern businesses.

Responses from CrowdStrike and Microsoft

Statements from CrowdStrike and Microsoft Executives

CrowdStrike’s CEO apologized for the disruption and assured that they had identified and fixed the issue, focusing on restoring customer systems. Microsoft deployed experts to work with affected customers and collaborated with other cloud providers to mitigate the impact.

Technical Steps Taken to Resolve the Issue

CrowdStrike pinpointed the problematic update and reverted changes to stabilize systems. Microsoft provided manual remediation documentation and scripts and updated the Azure Status Dashboard to keep customers informed. Both companies mobilized full resources to address the issue quickly.

Customer Communication and Support Efforts

CrowdStrike used their support portal and official channels to update customers and recommended specific remediation steps. Microsoft shared updates and solutions through official platforms to ensure widespread awareness and swift resolution. CrowdStrike also provided guidelines on their blog and support portal for further assistance.

Challenges and Recovery Efforts

Technical challenges in the recovery process

Recovery was tough due to the need for manual remediation of many devices. A critical issue was the lack of a phased rollout of updates, which would usually help reduce the impact. Companies deployed hundreds of engineers to work directly with affected systems and used specific recovery tools to restore PCs.

Cloud vs. on-premises remediation

Addressing issues in cloud environments like AWS, Azure, and GCP involved unique challenges compared to traditional on-premises systems. Cloud platforms don’t support conventional recovery methods like “safe mode,” requiring administrators to use more complex procedures to resolve issues.

The role of BitLocker in recovery

BitLocker, Microsoft’s disk encryption technology, played a dual role. While it provided essential security, it also complicated recovery efforts by requiring access to the BitLocker Recovery Key to manage disks securely.

Learning from the CrowdStrike Outage: Enhancing Disaster Recovery Plans

The recent CrowdStrike outage teaches an important lesson for all organizations: the need for a solid disaster recovery (DR) strategy. This incident reminded us that in today’s digital world, no system is immune to disruptions. Whether it’s due to cyberattacks, technical issues, or natural disasters, having an effective DR plan is crucial for maintaining business continuity and minimizing downtime.

Here are a few key takeaways for bolstering your disaster recovery plans:

  • Practice Regular DR Drills and Update/Review Plans Continuously: Run simulations of possible outage scenarios to test your response strategies and find any weaknesses, and regularly review your DR plans to adjust to new threats.
  • Backup Essential Data: Regularly back up all crucial data and store it in multiple locations.
  • Have a Failover Plan: Determine your failback plan to get back to your production environment.

Stay Vigilant: Scammers Exploit Chaos During Outages

The outage also shined a light on another big problem: opportunistic scammers. While CrowdStrike was handling the chaos, scammers swooped in to take advantage of the situation, making things even more complicated for businesses. This really drives home the point that we need not only a solid DR plan but also strong cybersecurity measures to protect against these kinds of threats when we’re most vulnerable.

Key Takeaways and Future Directions

This outage showed just how dependent we are on digital infrastructures and the critical need for robust cybersecurity measures. It highlighted the importance of rapid response mechanisms, effective customer communication, and ongoing innovation in cybersecurity practices.

As we continue to navigate the digital world, this event underscores the significance of preparedness and resilience. It’s a call to enhance cybersecurity protocols and collaborate to build a more resilient digital ecosystem, ensuring we’re ready for any future threats.

FAQs

1. What sectors were impacted by the CrowdStrike outage?
The CrowdStrike outage had a broad impact, affecting various major business sectors globally. Notably, it caused significant disruptions at airports, leading to severe delays and cancelations of flights, as the computers essential for these services were compromised.

2. Was the Microsoft outage caused by CrowdStrike?
Yes, the global outage experienced by Microsoft on Thursday was triggered by an issue with CrowdStrike’s Falcon Sensor software. This problem led to widespread disruptions and caused the ‘Blue Screen of Death’ to appear on Windows PCs.

3. What were the effects of the Microsoft outage?
The Microsoft outage led to substantial disruptions across numerous sectors. It resulted in flight delays and cancelations, and affected critical services in hospitals, banks, supermarkets, and millions of other businesses.

4. What does CrowdStrike Falcon® Insight XDR do?
CrowdStrike Falcon® Insight XDR is the Endpoint Detection and Response (EDR) component of the CrowdStrike Falcon® endpoint protection platform. It functions similarly to a DVR for endpoints, continuously recording activities to detect and address incidents that bypassed initial preventive measures.

D3 Alert: Global IT Outage – What to know, What to do
https://www.dataprise.com/resources/defense-digest/microsoft-crowdstrike/
Fri, 19 Jul 2024 11:39:08 +0000

We are aware of public reports of a global IT outage caused by a faulty update to many users’ IT security systems. We have assessed the extent of the outage and have determined that the update appears to be related to CrowdStrike, which is reporting that many of its users are experiencing a Blue Screen on their Windows PCs and Servers.

CrowdStrike has stated customers were impacted due to “a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.”

What Should I Know:  

This outage is global and is not related to Dataprise or Dataprise services. The issue is related to a security system that Dataprise uses for protection of customer environments. Upon notification of the issue, Dataprise technicians began blocking the update to customer environments.  

What Should Customers Do:  

If you experience any issue related to a Blue Screen, please call the service desk who can help with initiating the recovery processes.   

What is Dataprise Doing:  

Upon notification of the issue, Dataprise has taken mitigating actions to block the update from being deployed to customers.  At this time we believe that if you have not been affected by the issue you are unlikely to experience it.   

Detailed Technical Details:  

The full Knowledge Base article is located here (a CrowdStrike ID is required to access it):

Tech Alert | Windows crashes related to Falcon Sensor | 2024-07-19 (crowdstrike.com) 

Published Date: Jul 19, 2024 

Summary 

CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor. 

Details 

Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor. 

This issue is not impacting Mac- or Linux-based hosts 

Channel file “C-00000291*.sys” with timestamp of 0527 UTC or later is the reverted (good) version. 

Current Action 

CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes. 

If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to work around this issue:

Workaround Steps: 

Reboot the host to give it an opportunity to download the reverted channel file.  If the host crashes again, then: 

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it.
  4. Boot the host normally.

Note:  Bitlocker-encrypted hosts may require a recovery key.  
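
The timestamp check and the delete step from the alert above, as an added PowerShell example (not CrowdStrike's or Dataprise's script; the function names are hypothetical). It assumes the "0527 UTC" cutoff falls on 2024-07-19, the alert's publication date, and that PowerShell is available (Safe Mode or a normally booted host, not a bare Windows Recovery Environment prompt). Unlike the alert's step, the removal function deletes only files older than the cutoff and leaves a reverted file in place.

```powershell
# Added example, not vendor code. Function names are hypothetical.
# Assumption: the alert's "0527 UTC" cutoff falls on 2024-07-19 (its publication date).
$DefaultDir    = 'C:\Windows\System32\drivers\CrowdStrike'
$DefaultCutoff = [datetime]::new(2024, 7, 19, 5, 27, 0, [System.DateTimeKind]::Utc)

function Get-ChannelFile291Status {
    # Lists every channel file 291 and flags whether it is the reverted version.
    [CmdletBinding()]
    param(
        [string]$ChannelDir    = $DefaultDir,
        [datetime]$GoodFromUtc = $DefaultCutoff
    )

    if (-not (Test-Path -LiteralPath $ChannelDir -PathType Container)) {
        # No sensor installed, or the OS volume is mounted under another drive letter.
        Write-Warning "Directory not found: $ChannelDir"
        return
    }

    # A value without an explicit kind is treated as local time and converted.
    $cutoff = $GoodFromUtc.ToUniversalTime()

    Get-ChildItem -LiteralPath $ChannelDir -Filter 'C-00000291*.sys' -File -Force |
        Where-Object { $_.Name -like 'C-00000291*.sys' } |   # exact match, ignores 8.3 aliases
        ForEach-Object {
            [pscustomobject]@{
                Name             = $_.Name
                LastWriteTimeUtc = $_.LastWriteTimeUtc
                IsReverted       = ($_.LastWriteTimeUtc -ge $cutoff)
                FullName         = $_.FullName
            }
        }
}

function Remove-PreRevertChannelFile291 {
    # Deletes only channel file 291 copies written before the cutoff.
    # Supports -WhatIf and -Confirm so the action can be previewed first.
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        [string]$ChannelDir    = $DefaultDir,
        [datetime]$GoodFromUtc = $DefaultCutoff
    )

    $suspect = @(Get-ChannelFile291Status -ChannelDir $ChannelDir -GoodFromUtc $GoodFromUtc |
        Where-Object { -not $_.IsReverted })

    if ($suspect.Count -eq 0) {
        Write-Output 'No pre-revert channel file 291 found; nothing to delete.'
        return
    }

    foreach ($file in $suspect) {
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete pre-revert channel file')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
            Write-Output "Deleted $($file.FullName)"
        }
    }
}

# Report only; makes no changes.
Get-ChannelFile291Status | Format-Table Name, LastWriteTimeUtc, IsReverted -AutoSize

# Preview the deletion. Drop -WhatIf to perform it, then boot the host normally.
Remove-PreRevertChannelFile291 -WhatIf
```

On a BitLocker-encrypted host the volume must be unlocked with its recovery key before the directory is readable, as the note above says.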

Latest Updates 

2024-07-19 05:30 AM UTC | Tech Alert Published. 

2024-07-19 06:30 AM UTC | Updated and added workaround details. 

2024-07-19 08:08 AM UTC | Updated 

The Cybersecurity Playbook
https://www.dataprise.com/resources/whitepapers-data-sheets/cybersecurity-playbook/
Fri, 12 Jul 2024 19:59:10 +0000

Peak Performance Cybersecurity: Building Your Defense Dream Team
https://www.dataprise.com/resources/blog/build-your-cybersecurity-dream-team/
Wed, 03 Jul 2024 18:41:09 +0000

Think of Olympic athletes. They train tirelessly, adapt to setbacks, and push through challenges, all to reach the top of their game. Cybersecurity teams aren’t much different. To build strong defenses in today’s connected world, they need dedication, training, and smart planning—just like top athletes. Here’s how your team can reach peak performance in cybersecurity.

The Cybersecurity Athlete’s Playbook

Your cybersecurity playbook should be as dynamic and comprehensive as an athlete’s training regimen. Let’s dive into the key strategies:

1. Risk Assessment: The Foundation of Cyber Defense

Athletes constantly evaluate their training environments. Cybersecurity teams should do the same with risk assessments. Understand potential threats, identify vulnerabilities, and gauge the impact and likelihood of risks. This solid foundation sets the stage for a strong security strategy, much like a detailed training plan does for athletes.

2. Understanding and Identifying Threats

Knowing your opponent is crucial in sports and cybersecurity. Cybercriminals target organizations for money, political chaos, revenge, or disruption. By understanding these motives, you can better anticipate and defend against attacks. Identifying your organization’s vulnerabilities is like an athlete acknowledging their weaknesses and working to improve them.

3. Developing a Risk Mitigation Plan

Just like athletes adjust their diet or training regimen, cybersecurity teams need a plan to block or reduce threats. This involves better firewalls, intrusion detection systems, and regular testing and patching. Being proactive with risk mitigation keeps your defenses strong.

4. Employee Training: Building a Security-Aware Culture

Olympic athletes rely on teammates for support and motivation. Similarly, a security-aware culture requires everyone in the organization to be vigilant and knowledgeable. Clear policies, effective training programs, and continuous education are key. Employees should feel comfortable reporting potential security incidents without fear of repercussions, creating a collaborative defense environment.

5. Advanced Defense Techniques

Top athletes use cutting-edge tech and advanced techniques to stay ahead. Cybersecurity teams should do the same with layered security architectures, robust encryption, and data protection. Staying ahead with advanced techniques ensures your organization can handle sophisticated threats.

6. Threat Detection and Incident Response

In sports, quick responses to unexpected challenges are crucial. The same goes for cybersecurity. Implementing security information and event management systems (SIEM) and endpoint detection and response (EDR) helps identify and mitigate attacks in real time. A solid incident response plan ensures your team can act fast to contain and recover from breaches.

Building Your Cybersecurity Dream Team

Creating a top-notch cybersecurity team isn’t just about technology—it’s about fostering a culture of continuous improvement and teamwork. Here’s how:

1. Foster a Collaborative Environment

Encourage open communication and collaboration among team members. Just like athletes rely on their coaches and teammates, cybersecurity pros should work together to share insights and strategies.

2. Invest in Training and Development

Continuous education is key to staying ahead of cyber threats. Invest in regular training programs and certifications to keep your team updated with the latest knowledge and skills.

3. Embrace Innovation

Stay updated with the latest advancements in cybersecurity tech and methods. Embracing innovation gives your team the tools to combat emerging threats effectively.

4. Prioritize Mental and Physical Well-being

A healthy team is a productive team. Encourage work-life balance and provide resources for mental and physical well-being. Just as athletes need rest and recovery, cybersecurity pros must manage stress and avoid burnout.

Add Dataprise to your Cybersecurity Dream Team

Reaching peak performance in cybersecurity is an ongoing journey that requires dedication, continuous learning, and a strong team culture. By taking cues from the world of elite sports, you can build robust defenses and stay resilient against cyber threats. Just like an Olympic team works together to achieve greatness, your cybersecurity team can reach new heights with the right strategies and mindset.

Ready to build your cybersecurity dream team? Let Dataprise guide you on the path to peak performance. Contact us today and take the first step towards securing your organization’s future.

The Response: What To Do When a Security Incident Happens
https://www.dataprise.com/resources/events/the-response-what-to-do/
Tue, 18 Jun 2024 18:12:20 +0000

Don’t Be Caught Unprepared. Learn How to Effectively Respond to Cyber Attacks

It’s every business’s worst nightmare: a crippling cyber attack compromising your systems and data. When the unthinkable happens, will you know how to respond swiftly and effectively?

In this session, our cybersecurity experts will walk you through a step-by-step incident response plan. You’ll learn:

  • First actions to take when you detect a breach.
  • How to execute a communications plan to minimize reputational damage.
  • Prioritizing incident response activities based on business impact.
  • Determining when to involve vendors, partners, and authorities.
  • Timelines for getting your critical systems back online.

Don’t risk extended downtime, data loss or compliance penalties from an inadequate response. Prepare your business now to withstand and quickly recover from cyber incidents.

Panelists include industry experts:

  • Nima Khamooshi: Vice President, Cybersecurity, Dataprise
  • Tara Bartels: Manager, Advisory Services, Dataprise
  • Cameron Buriani: Senior Solutions Architect, Crowdstrike

How Cyber Insurance Is Shaping the Cyber Protection Priority List
https://www.dataprise.com/resources/events/cyber-insurance-shaping-cyber-protection/
Thu, 30 May 2024 17:04:25 +0000

The Risk Landscape is Changing in 2024

Forbes and Gartner have both rated risk management as a top priority for business leaders. This means quantifying your risk profile and going beyond the traditional focus on preventative measures and front-loaded due diligence to set your sights on strategies for resilience. 

Cybersecurity insurance plays a critical role in driving cyber resilience by providing a financial safety net and enabling organizations to transfer a portion of their risk. But the insurance marketplace is also shifting, and it can be difficult to navigate the rising premiums, requirements, and regulations.  

To truly achieve effective cyber resilience, organizations must be ready to adapt and adopt a comprehensive strategy that integrates cyber resilience, third-party risk management, and robust cyber insurance coverage.

In this 30-minute session, we’ll cover:  

  • How the risk management landscape is shifting in 2024 and real-world examples of how key security leaders are addressing the shift. 
  • The role of cybersecurity insurance in driving cyber resilience for your business, how to know if you have the right type of coverage for your operations, and how to handle rising premiums.
  • Emerging cybersecurity trends and how they are affecting the risk and insurance marketplaces.

Panelists include industry experts:

  • Andres Franzetti: CEO and Co-Founder of Risk Cooperative
  • Jason Stein: VP, Cybersecurity, Telarus
  • Chaz Chalkley: VP, Channel and Strategic Partnerships

Dell Technologies Data Breaches: What You Need to Know
https://www.dataprise.com/resources/blog/the-dell-data-breach/
Tue, 28 May 2024 09:00:00 +0000

Dell Technologies recently faced not one but two major data breaches that exposed sensitive information from millions of customers. In the first breach, a hacker named Menelik claimed to have accessed a Dell online portal, stealing customer data such as names, addresses, and order details.

Despite Dell’s initial response, Menelik allegedly carried out a second attack on a different portal, this time accessing even more personal information, including names, phone numbers, email addresses, and confidential service reports with detailed hardware information, diagnostic logs, and technician notes.

Protecting Your Digital Identity

In light of these breaches, it’s important to take proactive steps to protect your digital identity. Here are some measures you can take:

Strengthen Your Passwords

  • Create Strong, Unique Passwords: Use complex passwords for every account.
  • Use a Password Manager: It simplifies managing multiple passwords and ensures they are secure.
  • Consider Passkeys: These offer a more secure and user-friendly alternative to traditional passwords.

Embrace Two-Factor Authentication (2FA)

  • Enable 2FA: This adds an extra layer of security by requiring an additional verification step.
  • Use Authenticator Apps or Physical Security Keys: These methods provide robust protection against unauthorized access.

Stay Vigilant Against Scams

  • Be Cautious with Unsolicited Communications: Verify any unexpected messages claiming to be from Dell or requesting personal information.
  • Look Out for Phishing Attempts: Cybercriminals may use exposed information to trick you into revealing more data.

Monitor Your Accounts and Credit Reports

  • Regularly Check for Suspicious Activity: Keep an eye on your financial accounts and credit reports.
  • Consider Credit Monitoring Services: These can alert you to any unusual activity.
  • Freeze Your Credit Reports: This can prevent unauthorized access or the opening of new accounts in your name.

Keep Informed and Stay Updated

  • Follow Official Updates from Dell: Stay updated with the latest information and recommendations from Dell.
  • Seek Professional Help if Needed: Consider consulting cybersecurity experts for personalized advice and protection.

Embracing a Proactive Mindset

Data breaches are becoming more common, so it’s essential to be proactive in protecting your digital presence. By strengthening your passwords, using two-factor authentication, staying alert to potential scams, monitoring your accounts, and keeping informed, you can significantly reduce the risks of cyber threats and breaches.

The Persistent Threat: How Phishing Email Scams Target HR and IT Departments
https://www.dataprise.com/resources/blog/the-persistent-threat-how-phishing-email-scams-target-hr-and-it-departments/
Wed, 22 May 2024 15:35:01 +0000

Phishing email scams have become a major headache for organizational cybersecurity, cleverly slipping past usual security measures by playing on human vulnerabilities. The Human Resources (HR) and Information Technology (IT) departments, which hold a lot of sensitive employee and system information, are especially at risk. These scams threaten not just the privacy and accuracy of company data, but also make it tough to keep our digital spaces secure and reliable. Getting a grip on how these scams work can really help strengthen our defenses and lower the risks.

The Rise of HR and IT Phishing Scams

Statistics and Trends

  1. A 2023 study by IBM Global Security identifies phishing as the primary cause of corporate data breaches, underscoring the costly nature of these cyberattacks.
  2. Research from SlashNext reveals a 61% increase in phishing attacks in 2022 compared to the previous year, highlighting a significant rise in such threats.
  3. KnowBe4’s study in the second quarter of 2023 reports that nearly one in three email users are likely to click on a suspicious link or comply with a fraudulent request, indicating a high success rate for these scams.

Why HR and IT Departments are Targeted

  1. HR and IT departments handle sensitive employee and system data, making them prime targets for phishing scams.
  2. Cybercriminals use HR-related subject lines, such as updates on vacation policies or performance reviews, to create emails that appear legitimate and urgent.
  3. The emotional impact of HR communications leads employees to perceive these as trustworthy, increasing the likelihood of falling for phishing attempts.
  4. Internal communication channels in HR departments are crucial for sharing timely alerts about phishing tactics and reinforcing security measures.

Common Tactics Used in Phishing Scams

Types of Phishing Emails

  1. Spear Phishing: Targets specific individuals or organizations using detailed information which makes the emails appear legitimate and urgent.
  2. Whaling: Aims at high-ranking officials like CEOs, using highly sophisticated email content that often discusses sensitive corporate information.
  3. Vishing: Involves voice calls instead of emails, where attackers pose as legitimate authorities to extract personal or corporate information.
  4. Smishing: Uses SMS or text messages to deliver phishing attacks, often embedding malicious links or phone numbers to trick the recipient.
  5. Email Phishing: The most common form, where attackers send emails pretending to be from reputable sources to steal user data.

Examples of HR and IT Phishing Scams

  • Open Enrollment Scams: Attackers use the guise of open enrollment to trick employees into providing personal information or clicking on malicious links.
  • Fake Job Listings: Often posted to collect personal data from applicants or to install malware when they attempt to apply.
  • W-2 Phishing: Targets employee tax information by masquerading as urgent tax communications.
  • Travel and Expense Report Frauds: Employees receive phishing emails about supposed problems with travel bookings or expense submissions, urging them to click on harmful links.
  • Payroll Updates: Scammers send fake payroll or bonus updates to employees, prompting them to input confidential information on spoofed websites.

Impact on Organizations and Employees

Financial and Security Risks

  1. Direct Financial Losses: Phishing attacks often result in substantial financial damage. For instance, the FBI’s Internet Crime Complaint Center reported that in 2019, such attacks led to losses totaling $1.7 billion for organizations. This includes unauthorized transactions and direct theft of funds, as highlighted by incidents of “CEO fraud” where attackers impersonate executives to solicit urgent wire transfers.
  2. Operational Disruptions: Beyond immediate financial implications, phishing can disrupt business operations. The installation of malware or ransomware following a breach can lead to significant system outages, affecting productivity and incurring additional costs for recovery and mitigation.
  3. Regulatory Penalties: Legal consequences are also a critical concern. Businesses found non-compliant with data protection regulations due to breaches can face hefty fines.

Preventive Measures and Best Practices

Employee Training

  1. Regular Training Sessions: It is essential for employees to undergo regular training to recognize phishing scams. This training should include identifying signs like unusual requests and urgent language, which are typical of phishing attempts.
  2. Simulated Phishing Attacks: Implement simulated phishing tests to provide employees with real-life scenarios. Analyze the results to identify vulnerabilities and improve training programs.
  3. Continuous Learning: Encourage ongoing education by updating staff regularly on new phishing techniques and cybersecurity threats. This helps maintain high levels of awareness and preparedness.

Technical Safeguards

  1. Strong Password Policies: Require employees to use strong, unique passwords for each account to enhance security.
  2. Multifactor Authentication: Implement multifactor authentication to add an extra layer of security, making it harder for attackers to gain unauthorized access.
  3. Regular Software Updates: Ensure that all business software is up-to-date with the latest security patches and updates to protect against vulnerabilities.

Ongoing Monitoring and Response

  1. Active Monitoring Systems: Utilize anti-phishing software and other security tools to monitor and detect potential phishing attempts in real-time.
  2. Incident Response Plan: Develop a comprehensive incident response plan that includes immediate actions employees should take if they suspect a phishing attack.
  3. Encourage Reporting: Foster a positive security culture where employees feel safe to report any suspicious activities without fear of repercussions. This approach helps in early detection and response to security threats.

To reduce the risk of falling victim to phishing scams, organizations need to focus on strong preventive measures and creating a culture where everyone stays alert and educated. Providing thorough employee training, implementing technical safeguards, and having a quick-response plan form a solid defense strategy for tackling phishing scams. By adopting these strategies, HR and IT departments can protect both the digital and human elements of their organizations and lead the way to a safer, more resilient digital workplace. This collective effort is invaluable in the ongoing battle against phishing attacks, ensuring the company’s integrity and individuals’ privacy stay safe online.

Interested in learning how Dataprise can help keep your workplace safe from cybersecurity risks? Contact us!

The post The Persistent Threat: How Phishing Email Scams Target HR and IT Departments appeared first on Dataprise.

Phishing Scams: A Big Threat to Small and Mid-Sized Businesses https://www.dataprise.com/resources/blog/phishing-smb-threat/ Tue, 07 May 2024 14:00:00 +0000

The post Phishing Scams: A Big Threat to Small and Mid-Sized Businesses appeared first on Dataprise.

Phishing has become a formidable menace for small and medium-sized enterprises (SMEs). It’s a deceptive practice where cybercriminals impersonate legitimate institutions to dupe people into disclosing confidential information, leading to substantial financial damage for companies.

This blog is dedicated to exploring the risks associated with phishing threats, the sophisticated tactics cybercriminals deploy, and the proactive defenses businesses can establish to safeguard themselves.

Decoding the Phishing Menace

Phishing is a crafty form of cyber attack designed to swindle individuals into handing over sensitive data like usernames, passwords, and financial details. These criminals disguise themselves as credible sources, luring victims through emails to tap on harmful links or download malware-ridden files.

The rise of the COVID-19 pandemic and the massive shift towards remote working have fueled a spike in phishing incidents. Companies with less stringent security arrangements, especially those operating from home settings, are prime targets for these digital predators.

Why Phishing is a Pressing Issue for SMEs

For small and mid-sized businesses, the threat of phishing looms large. Many of these businesses lack the financial muscle to deploy advanced cybersecurity infrastructure. Moreover, there’s a notable gap in employee training to recognize and deflect phishing schemes, leaving firms at heightened risk.

The sophistication of phishing scams has evolved, often masquerading as legitimate requests from well-known contacts or organizations. It’s vital for employees to stay abreast of the latest fraudulent schemes and be skilled at spotting the warning signs of phishing attempts.

The High Stakes of Falling Prey to Phishing

The aftermath of a successful phishing exploit can be dire for any business. It can freeze bank accounts, disrupt operations, and even lead to legal repercussions from affected customers or partners. The financial, legal, and reputational harm can be catastrophic, especially if sensitive data governed by regulations like GDPR is compromised.

The Arsenal of Phishing Scams

  • Email Phishing: This prevalent method involves sending counterfeit emails that mimic those from banks or corporations, often prompting for personal or financial verification.
  • Spear-phishing: Unlike broad-scale phishing, spear-phishing zeroes in on selected employees, utilizing in-depth knowledge about the organization for a more convincing deceit.
  • Vishing: Here, phone calls are the weapon of choice, with fraudsters feigning identities from banks or IT firms to wheedle out private information.
  • Smishing: Text messages become the conduit for fraud in smishing, instilling a false sense of urgency to provoke hasty, unverified responses.
  • Pharming: This more technical approach redirects users to sham websites by corrupting DNS or executing man-in-the-middle attacks.

Protecting SMBs Against Phishing Threats

The cornerstone of phishing defense is a robust set of security protocols. Here are key measures SMEs can adopt:

  • Employee Training: Educating employees on the nuances of phishing can turn them into a formidable first line of defense.
  • Strong Passwords and Multi-factor Authentication: These can drastically impede unauthorized access.
  • Professional Firewalls: A reliable firewall can serve as a sentinel, warding off phishing intrusions.
  • Regular Software Updates: Keeping systems current is critical for protection against emerging phishing strategies.
  • Work with a cybersecurity vendor or an MSSP (Managed Security Service Provider): Working with an MSSP equips SMBs with expert security assessments, continuous monitoring, advanced technology, employee training, compliance guidance, and strategic planning to fortify their defenses against phishing threats.

Because phishing threats are constantly escalating and evolving, SMBs have to place cybersecurity at the forefront. Through extensive security measures and continuous employee education, businesses can significantly mitigate their exposure to these digital onslaughts. Talk to our security experts to see how Dataprise can help keep your organization safe from phishing attacks.

Dataprise, Converge and Risk Cooperative Announce Strategic Partnership to Enhance Cybersecurity Insurance Offerings for Organizations with Managed Cybersecurity https://www.dataprise.com/company/news-awards/dataprise-converge-and-risk-cooperative-announce-strategic-partnership/ Tue, 02 Apr 2024 15:39:58 +0000

The post Dataprise, Converge and Risk Cooperative Announce Strategic Partnership to Enhance Cybersecurity Insurance Offerings for Organizations with Managed Cybersecurity appeared first on Dataprise.

Rockville, MD – April 2, 2024 – Dataprise, a distinguished Managed Service Provider and Managed Security Service Provider (MSSP), today announced a strategic partnership with Converge Insurance and Risk Cooperative to provide enhanced cybersecurity and cybersecurity insurance solutions to businesses nationwide. This partnership enables organizations with Dataprise’s Managed Cybersecurity Premier to gain a robust cyber insurance program with streamlined underwriting, enhanced pricing, and comprehensive coverage to support true cyber resilience and protect against the ever-evolving cyber threat landscape. 

“With cyber threats on the rise, organizations face unprecedented challenges in safeguarding their digital assets. The inclusion of Dataprise in ConvergeConnect™ not only provides clients with access to an industry-leading cyber insurance program plus security services, but also ensures they have the necessary safeguards in place to mitigate risks effectively,” said Mary Beth Hamilton, Chief Marketing Officer, Dataprise.

ConvergeConnect™, a partnered insurance program, is backed by Converge Insurance, pioneers in advanced cyber risk management and underwriting, and brokered by Risk Cooperative, a leading minority-owned insurance brokerage. ConvergeConnect™ offers primary cyber coverage through prequalified technology provider partnerships for companies with up to $750 million in revenue, and provides best-in-class customer solutions leveraging unmatched insights on cybersecurity posture. Dataprise’s Managed Cybersecurity Premier platform underwent and successfully passed a series of rigorous tests and validations to become an approved partner in ConvergeConnect™.

“With cyber attacks increasing in frequency every day, cyber risk is quickly becoming a primary focus for businesses concerned with this fast-evolving threat,” said Converge CEO, Thomas Kang. “Our collaboration with Dataprise builds upon our common commitment to using technology to fight technology by deploying our proprietary data ecosystem to address these growing threats and provide clients with comprehensive insurance solutions.”

The key elements of ConvergeConnect™ include a streamlined application and underwriting process for current subscribers of Dataprise’s Managed Cybersecurity Premier service, providing core security services and data to establish their eligibility for top-tier coverage and pricing. While tailored for each organization, clients that leverage the Dataprise Managed Cybersecurity Premier can obtain up to a 30% credit on premiums. Quotes and coverage binding are turned around in as little as 72 hours.

Despite the looming threat of cyberattacks, the vast majority of SMBs lack adequate cyber protection due to cost, inaccessibility, and limited IT resources. Many SMBs are either underinsured or uninsured, leaving them exposed. “The mid-market firms that make up so much of our economic development are the most vulnerable to cyber threats. Many deem the cyber insurance underwriting process too onerous and prices too high to obtain coverage,” says Risk Cooperative CEO, Andres Franzetti. “This partnership and the ConvergeConnect™ program aim to help close the gap between MSP providers and cyber insurers, offering clients direct rewards to enacting proper cybersecurity defenses, putting a fixed price on recovery resources.”

“The cyber insurance industry has done more over the last few years to incentivize good cyber hygiene than anything else, as they get increasingly granular in their evaluation of security standards. We are very excited to be partnering with Risk Cooperative and Converge to help our customers build cyber resiliency against the threats of tomorrow,” adds Mary Beth Hamilton.  

About Dataprise 

Founded in 1995, Dataprise believes that technology should enable our clients to be the absolute best at what they do. This commitment to client success is why Dataprise is recognized as the premier strategic managed service and security partner to strategic CIOs and IT leaders across the United States. Dataprise delivers best-in-class managed cybersecurity, disaster recovery as a service (DRaaS), managed infrastructure, cloud, and managed end-user services that transform business, enhance user experiences, and eliminate risks.        

Dataprise has offices across the United States, employs 500+ of the industry’s best and brightest, and supports more than 2,000 clients. 

About Converge 
Converge fuses cyber insurance, security and technology to provide businesses with clear, confident cyber protection. Deploying a proprietary data ecosystem underpinned by expert underwriting, it provides risk solutions that deliver high-value strategies with improved outcomes. Converge’s philosophy is that insurance needs the right elements and personalized approach to mitigate risk. By partnering with its policyholders, Converge precisely formulates their business needs so they can confidently become cyber secure. Converge is headquartered in New York and operates across the U.S.  

About Risk Cooperative 

A division of independent insurance brokerage Ensurise, LLC, Risk Cooperative is a minority-owned insurance brokerage and risk advisory firm.  Licensed in all 50 states and D.C., Risk Cooperative helps organizations address risk, readiness and resilience across all classes of risk – including comprehensive employee benefits, life and health, property and casualty, cyber and other specialty lines. Appointed with all major carriers, we place domestic and international insurance solutions to help meet clients’ needs. 
