This isn’t news… cyber attacks are becoming more than just an occasional threat. The frequency of attacks is increasing, with many of them leading to major data breaches. You no longer need to go back months to find large-scale attacks being reported. This year saw waves of attacks that affected hospital care, stalled America’s biggest gasoline pipeline, brought a huge meat supplier to its knees and devastated hundreds of managed service providers. These breaches cost companies millions of dollars in revenue, lost reputation and legal damages. Because of this, insurers are rethinking their coverage and addressing the shared responsibility model so they are enabled to properly assume these risks and hold policyholders appropriately accountable.
Cybersecurity Insurance is a type of insurance that protects employees when their data is compromised by a cyber attack. It also provides protection in the event of a physical attack on the workplace’s infrastructure or theft of trade secrets.

Insurers taking a closer look at how they will cover for cyber threats

In light of the increase in ransomware and other successful data breaches and attacks, it is not surprising that insurers are taking a hard look at whether or not they should be liable for damages. This is particulary true in cases where there is no physical damage to be covered by traditional insurance policies and less than adequate cyber defenses are put in place by policy holders. There is still a lot of uncertainty with what the future holds for those who were victims to hackers but experts say it’s only a matter of time before we see changes in how cyber insurance works.

Insurers are considering all possible ways that hackers may use cyber attacks to develop better underwriting standards for policies that can protect enterprises and their intellectual property from these attacks. A new change in underwriting will also come to the policy holder as there will be requirements to “beef up their own cyber defenses” and protection solutions according to Tom Reagan, Marsh McLennan’s head of U.S. cyber practice.

Cybersecurity insurance is at an inflection point but it is on pace to be a $3 billion industry. With this much money at stake, insurers will surely put in place tighter coverage standards and increase prices. Therefore, it is paramount that policyholders increase not only their cybersecurity solutions along the industry standards but, also, increase their awareness to this new and persisting threat.

You need to understand in detail what is not covered by your cybersecurity policy.

Policyholders must have discussions with their insurance providers

Gartner has reported that “Cybersecurity insurance is entirely a reactive product. It will not prevent a cybersecurity breach or immediately reduce the impact on the delivery of services to your end users. Therefore, you must continue to invest in your security program alongside your cybersecurity insurance considerations.”

Given the reactive nature for these new insurance offerings the policyholder needs to make sure they are compliant. This means companies and individuals need to follow compliance frameworks like CIS, NIST CSF or ISO 27001. Adhering to these standards can ensure that your company has proper processes and standards in place to address the overall risk.

These industry standard frameworks are designed to be easy for any organization of any size or level of security risk to adopt. The framework is not a rigid “checklist” – it is a tool that will help organizations identify and prioritize actions within their cybersecurity strategy based on the organization’s risk profile and industry. Together, with a properly executed insurance policy, you are protected as best as you can be in the event of an attack.

Tips for self-auditing and engaging your cyber insurance organization

You can use the below questions to self-audit and assess your cyber risk.  This will help you to understand what your risk tolerance is and to make decisions for the amount of coverage required or risk to be transferred.

  1. Can you quantify the maturity of the security at your organization?
  2. Is your company prepared for an attack?
  3. How much will it cost to improve the security?
  4. What are the consequences if you don’t act?
  5. What is the likelihood of an attack happening in the next year or two?

Companies are increasingly relying on cybersecurity insurance to help transfer their risk , once determined, that comes with such attacks. But the policy holder must be proactive in planning their defense when preparing to take on a cybersecurity insurance policy.

Once you have answered the questions above and have properly assessed your cyber risk tolerance, insurers will look to have an answer for these five crucial questions:

  1. What are you doing to protect your data?
  2. What is the probability that your company will be hacked?
  3. What are the consequences if you are hacked?
  4. Do you have a business continuity plan in place?
  5. How far back does your company’s data go and how much of it is important?

Preparing your organization to answer these questions and having a candid conversation with your insurer can help you ensure that you’re meeting your policy’s requirements. By having these candid conversations, you can show your willingness to participate in the shared responsibility model and own those controls that must be put in place according to your chosen framework.  Any discrepancies can be communicated, and a plan developed, to ensure that progress is made to become compliant with your policy and framework.

Bottom line is that changes are coming to cyber insurance coverage.  Taking the time today to be proactive in how you assess and manage your risk, develop your internal security program maturity, and prepare for the worst will put you in a position to get the most out of your cyber insurance investment.

 

Steve Sims
VP, Security & CISO
Green Cloud Defense

GREENVILLE, S.C. (July 6, 2021) – Green Cloud Defense (“Green Cloud”), a cloud technology and security solutions provider, today announced it has deepened its relationship with Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, to provide a managed Security Information and Event Management (SIEM) service as well as an Endpoint Detection and Response (EDR) service.

The two new solutions significantly strengthen and expand the security product portfolio of Green Cloud Defense, one of the largest independent channel-only cloud Infrastructure-as-a-Service (IaaS) providers in the country. In addition to SIEM and EDR, the company also offers managed email security and managed firewall solutions, part of the Fortinet Security Fabric, to all their Managed Service Providers (MSPs) across the United States.

“As the cybersecurity landscape continues to evolve and mature, our channel partners are actively searching for solutions to provide data protection and security for their end users,” said Keith Coker, CEO. “Since the acquisition of Cascade Defense earlier this year, we’ve been laser-focused on delivering the latest technology in combatting threats like phishing, ransomware and zero day attacks and improving visibility and response times.”

Green Cloud’s managed SIEM product is powered by Fortinet’s FortiSIEM solution which helps identify insider and incoming threats that would pass traditional defenses. The company’s managed EDR service is powered by Fortinet’s FortiEDR solution which delivers advanced, real-time threat intelligence, visibility, analysis, management, and protection for endpoints both pre- and post-infection.

Today, Green Cloud Defense has 70 employees, serves 700 channel partners, operates six data centers and has a Security Operations Center (SOC) in Spokane, Washington.

DRaaS Powered by VMware

 

We started Green Cloud Defense almost exactly 10 years ago and, from day one, we have been running our shared (public) cloud infrastructure on VMware’s hypervisor.  Our 800 partners across North America utilize VMware’s vCloud Director to deploy, automation and manage virtual infrastructure resources in these multi-tenant cloud environments. A couple of years ago, Green Cloud was designated as a VMware Cloud Verified provider meaning the services we offer are based on the most complete VMware cloud infrastructure technologies available.

Today, 10 years later, with six data centers located across the county and with thousands of virtual machines (VMs) in production, we are launching a fully functional disaster recovery product built within the VMware vCloud Director footprint.

What does this mean for our partner community?  They now have the ability to recover protected workloads – both on-premise and in the cloud – into a second Green Cloud data center through a self service portal within the vCloud Director interface. For those not comfortable managing this on your own, feel free to call us. Our dedication to service and support to our network of partners remains the same.

Like all disaster recovery solutions sold by Green Cloud, we will still assist the partner in setting up the secondary site, pre-building IP schemes and setting up firewalls on the recovery site to ensure there are no “gotchas” when the partner/end user needs to failover in an unpredictable disaster scenario.

Why is this disaster recovery solution different? Disaster Recovery powered by VMware allows you to manage your workloads on per VM basis. You can choose different Service Level Agreement (SLA) profiles on a per VM basis. With Recover Point Objectives (RPOs) as fast as one hour, this solution allows our partners to talk about specific recovery times and retention policies on a per VM basis – all while effectively managing the solution and the budget.

We have priced this solution very, very aggressively.  You pay a small fee on a per VM basis and reserve the necessary compute and storage on the target side. This is lockstep with our goal: to deliver the cloud solutions you want, with the support you deserve and at a price point that you can afford.

While some disaster recovery solutions are unreliable, complex and expensive, and many not scale at the required levels of protection or expectation, Disaster Recovery powered by VMware is reliable and effective while remaining extremely affordable. We truly believe this solution is a win/win for our partners and their end users.

AUTHOR: Charles Houser

Rebranding Positions Green Cloud Defense as a Full-Service Managed Security Provider More Prepared to Manage Cybersecurity Threats for MSPs

GREENVILLE, S.C. (March 4, 2021) – Green Cloud Technologies (“Green Cloud”), a cloud technology solutions provider, has closed on the acquisition of Cascade Defense, a full-service managed security service provider (MSSP) in Spokane, Washington. The acquisition has resulted in the rebranding and the renaming of Green Cloud Technologies as Green Cloud Defense, one of the largest independent channel-only cloud infrastructure-as-a-Service (IaaS) providers in the country.

Green Cloud Defense has significantly strengthened and expanded its security product portfolio and will now be offering all their Managed Service Providers (MSPs) fully managed Security Information and Event Management (SIEM) software and a Security Operating Center as-a-service (SOCaaS). Green Cloud has also obtained a Fortinet MSSP Expert partner and a full-service Security Operations Center (SOC) with the acquisition.

Green Cloud Defense’s headquarters will remain in Greenville, S.C., where Green Cloud Technologies started in 2011. Cascade Defense founders Eric Foster and Steve Sims will work in the new Green Cloud Defense Spokane office and have assumed new roles. Foster is Green Cloud Defense’s VP of Security Operations, and Sims is Green Cloud Defense’s VP of Security & Chief Information Security Officer (CISO).

“Everything we do at Green Cloud Defense is to better serve our channel partners. Bringing new talent and technology to our current offerings will take our company to the next level and give our security capabilities a significant boost,” said Keith Coker, CEO

and co-founder of Green Cloud Defense. “The rebrand will only strengthen our company and better represent our commitment to innovation and best-in-class technology and resources to better serve our partners’ security needs.”

Today, Green Cloud Defense has 70 employees, serves 700 channel partners, operates six data centers and has a new office in Spokane, Washington.

Acquisition Strengthens Green Cloud’s Cybersecurity Solutions

GREENVILLE, S.C. (February 10, 2021)Green Cloud Technologies (“Green Cloud”), a cloud technology solutions provider, has reached a definitive agreement to purchase Cascade Defense, a full-service managed security service provider (MSSP) in Spokane, Washington. The transaction is expected to close in the first quarter of 2021, subject to customary closing conditions, and it will strengthen and expand Green Cloud’s security product portfolio.

As one of the largest independent channel-only cloud IaaS (Infrastructure-as-a-Service) providers in the country that sells cloud infrastructure to Managed Service Providers (MSPs) and Value-Added Resellers (VARs), Green Cloud is committed to providing over 650 partners with advanced cybersecurity solutions. With Cascade’s technology and expertise, Green Cloud is obtaining a Fortinet MSSP Expert partner and a full-service Security Operations Center (SOC). In conjunction with the acquisition, Green Cloud will be rolling out fully managed Security Information and Event Management (SIEM) software and a SOC as-a-service (SOCaaS) to their MSP partner ecosystem.

“Cascade Defense will accelerate our vision to better detect and respond to cyber threats and significantly strengthen our security capabilities,” said Keith Coker, CEO and cofounder of Green Cloud. “Cascade is the perfect fit for Green Cloud as we both share a passion and commitment to innovation and best-in-class technology and resources to compete in the rapidly growing security space.”

“Green Cloud has committed to expanding our product offering by investing in our people and processes,” added Steve Sims, co-founder of Cascade Defense and newly appointed VP of Security and Chief Information Security Officer (CISO) at Green Cloud. “This is an exciting time for our customers and the Cascade Defense team.”

Q Advisors, a leading Technology, Media, and Telecommunications (TMT) investment banking boutique, acted as financial advisor to Green Cloud for this transaction. Headquartered in Greenville, S.C., Green Cloud was founded in 2011, and today, the company has 70 employees and operates six world-class data centers in Atlanta, GA, Greenville, SC, Houston, TX, Minneapolis, MN, Nashville, TN and Phoenix, AZ. The acquisition of Cascade Defense will give the company an additional office in Spokane, Washington.