‍

Washington DC - April 6, 2022 – MOXFIVE, a technical advisory firm specializing in cybersecurity and information technology, today announced the launch of their MOXFIVE Priority Controls bundle to support organizations in more efficiently securing and hardening IT environments. MOXFIVE launches the Priority Controls bundle amid increasing pressures from the cyber insurance market and recent recommendations from the White House that focus on immediate steps organizations can take to bolster cybersecurity, while building resiliency over the long term. 

With cyber threats continuing to track upward, most cyber insurance carriers are requiring organizations to have more robust security controls in place in order to provide insurance coverage. While the list of security standards and requirements can appear daunting, MOXFIVE helps organizations navigate and tangibly improve IT infrastructure resilience to present a more favorable risk profile to insurers and protect the insured from future risk. 

“We continue to see organizations of all sizes take cybersecurity more seriously and demonstrate a willingness to further invest in hardening their IT environments,” says Mike Wager, MOXFIVE Founder and CEO. “Now more than ever, it is important to help organizations cut through the noise to efficiently obtain the security controls that are most relevant for their situation. MOXFIVE is dedicated to helping organizations harden their environments by implementing best practices that can not only minimize the impact of an attack, but also help organizations obtain reasonably priced cyber insurance, which is increasingly a business requirement.”

Building a Strong Foundation for Cyber Resilience

With MOXFIVE’s Priority Controls bundle, organizations can address their ability to obtain insurance coverage at a reasonable price, and implement initiatives that will assist in reducing further cost. Focused on strengthening cybersecurity basics, the Priority Controls bundle includes the following: 

• Endpoint Detection and Response/Managed Detection and Response (EDR/MDR): Endpoint detection and response (EDR) provides protection and mitigation capabilities across critical phases of the attack lifecycle and is highly effective in reducing the business impact of attacks and mitigating your attack surface. Organizations should install agents, activate blocking capabilities for all servers and end-user systems, and monitor alerts 24x7.  
• Multifactor Authentication (MFA): Credentials being stolen, reused, or even guessed often leads to an intrusion, or turns what could have been a small incident into an enterprise-wide issue. Enabling MFA throughout the enterprise is becoming a new standard in order to obtain cyber insurance coverage. Organizations should prioritize email, virtual private networks (VPNs) and Internet-facing systems that could provide entry to the network.
• Privileged Access Management (PAM):  In the average enterprise environment, there are hundreds to thousands of credentials in use and teams can be overwhelmed with tracking which credentials have been used on which systems and when they were last changed. Organizations need to place passwords for privileged accounts under management of a tool that automatically rotates passwords and requires MFA.
• Backup Assessment and Configuration: Resilient backups isolate data from intentional corruption by an attacker who gains privileged access to the network. Organizations should protect at least one backup mechanism from being corrupted deliberately by an attacker who has administrative-level privileges in the environment. There are multiple approaches to addressing this goal, typically involving a cloud-based secondary backup mechanism that is configured to be “immutable."  
• Sensitive Data Assessment: Knowing how to protect sensitive data starts with knowing what sensitive data exists and where it lives, which can vary widely depending on the business. It is critical to understand and proactively manage the vast information that runs your organization in order to quickly identify and secure sensitive data to mitigate legal and regulatory notifications.

Cyber insurance is a critical risk mitigation measure and organizations that bolster their cybersecurity programs are both more likely to be eligible for coverage and better protected against future cyber threats. To learn more about how MOXFIVE supports cyber insurance requirements and build better cyber resilience, visit our website. 

About MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to help minimize the business impact of cyber-attacks. With deep roots in incident response and corporate IT, MOXFIVE strives to be the go-to technical resource for our clients. Whether responding to an attack or hardening their environment, our Technical Advisors help organizations of all types solve their most challenging technology-related problems by providing technical expertise at scale.

‍