James Wickson:
Good afternoon, everybody, from the UK. I know that we are representing ICMIF today in speaking to ICMIF members all around the world. Today, myself, Matt Cullina, and Thomas Updegraff will speak ever slowly in English and we’ll make sure that we don’t run ahead too fast to give those in other continents time to understand and process what we’re saying in English. Today, there will be a small interactive session, so please could I ask all people on the webinar today and ICMIF members, please could you have to hand in the next 15 minutes your personal mobile phone. That’ll be great. We’ll walk through an interactive session whereby myself and my colleagues can show you the strength of the preventative solution we are going to talk about today.
Why are we here today? Why have you been invited? Cyberscout have been in supporting member of ICMIF for a number of years. And you guys on the webinar today, our ICMIF members, we have not launched this product globally as yet. We are showcasing this to you as an ICMIF member so you get to see it before everybody else in the world. We’re showing our friends and our colleagues and our family ICMIF this wonderful solution before anybody else and we hope that you find it as exciting as we do before we launch it to the national market. As an ICMIF member, you will have the opportunity to engage with Thomas, myself and Matthew, and be first to market should you wish to look upon this solution as something to offer to your members.
To this point, we are just going to go to the next slide of which I will do, and we’re just going to introduce ourselves. So I’m speaking already. My name is James. I look after the new sales business across the whole of the globe for Cyberscout, which is a TransUnion company. I’ll pass over to Tom Updegraff, he’ll give his introduction. Then we’ll pass to Matt Cullina, and Matt will then take the slides from here. Looking forward to speaking to you soon. Over to Tom.
Tom Updegraff:
Hello, everyone. Good morning, good afternoon, good evening. My name is Tom Updegraff, and I am leading our global client success organization. What that means is that when James and his sales team close a deal, my team takes that deal from implementation to full rollout and ongoing success. I look forward to talking to you today about some case studies where we can highlight risks to you and to your policy holders and ways to mitigate that risk. Thank you.
Matt Cullina:
Hello, everybody. This is Matt Cullina. It’s so great to be in front of the ICMIF community. Again, we just love being supporting members of ICMIF and love connecting with you all. Joining you today from a very springtime Paris, so happy to participate in this call today. My job in this presentation is really to set the stage for where we’re at from a risk standpoint when it comes to cyber risk. I know often when we’re talking to audiences about cyber, it’s such a topic that’s hard to understand. It has so many different components to it that often maybe people don’t really lean in to try to understand. For today, we’re really going to dive into our specific risks within the cyber world, and it comes down to the scams that happen as a result of people’s activity and interactions with these technologies.
So we’re just starting off, kind of table setting here. This slide is a busy slide, but really, what we wanted to show is that your data and data from people across the globe, eight million people on the planet, six million adults, 17.2 billion records exposed. And these are just public breaches. These are just breaches that hit the news. In our world, we handle about 70 breaches a month, and I would say about 90% of the breaches we handle never see the press. So these are just published breaches, but it shows you that it’s an equal opportunity sport. It’s happening to government entities. It’s happening the large corporates, at every different vertical you can think about, every different industry you can think about, and every different part of the world you can think about.
And in the black market community where the threat actors thrive, where cyber criminals thrive, this is their currency, data is their currency. Just like in your insurance worlds, data is so important to the underwriting, the management, the claims processing and interactions with your customers, even the marketing to your customers. What threat actors really live on is gaining access to this data. This is the table stakes, this is the baseline. Once they have our data, they can start misusing it in a variety of ways, which is what we’re going to get into today.
What I would say is that if you asked me five, seven years ago around the scope of data that would be important and really needing to be protected against cyber criminals, it would be a relatively small scope. But what we found is, the type of data that may have been common data in the past, like maybe your personal email, maybe that wasn’t need to be protected in the past, today every aspect of your data from your credentials with your bank, from your government credentials, to your work credentials, to your passwords and pins and access to online accounts, to something as simple as your email or mobile number, have become over relevant. Because if you think about it, those pieces of information are used to authenticate yourself across the things you’re doing legitimately on the web. And threat actors know that. So if they can get access to those credentials, they can start to really become you, impersonate you, get to know you and commit other types of scams.
Really, the left-hand column is just we are way more engaged than we ever have been online. This shows seven hours a day on your mobile device. You look at other surveys, basically it’s over 10 hours that you’re looking at a screen, whether it be a laptop, tablet, or a mobile device. All through the pandemic and thereafter, we’ve been buying more and more of these technologies, these gadgets for our home, for use, for convenience, for accessibility, for ease of lifestyle because really there isn’t anything anymore that we do that we can’t do online, and we’re doing more and more of it. So that includes work, and more and more of us, especially if we’re in a white collar role or an office job, still over 70% are working from home. So the co-mingling of your work and life exposure is becoming more and more acute every day.
On top of that, our concerns are growing. We’re not oblivious to the fact that we’re spending more time online, yet we also seen the ramifications of that, the threats that could pop up. If we haven’t had an event happen to us, a scam, a fraudulent activity, it’s happened to our friends or family members. So it’s close. This risk is very close to all of us. But just know that over a hundred cyber threats per household per month. So this isn’t just a commercial issue anymore, this is a personal issue, this is a household issue. And again, that co-mingling of business exposure and personal life is impacting businesses as well, not just your own family.
So we did some surveys last year and we asked consumers around the world, what about cyber threats? What are they most worried about? I was really impressed with this one survey question and the result. Still, you got people with their head in the sand, about 18%, they don’t think it’s going to happen to them. They’re not worried about a cyber event. So they’re oblivious. But what you see for the rest of us is, really, we are starting to identify all the areas of cyber risk that are important to understand. Your credentials, again, the keys to the castle, people are concerned about those being exposed. Your emails being scammed online, your social media accounts being hacked. So it’s not just monetary threats, it’s your reputational threats. Cyber bullying is another big concern. So you see that consumers over time are getting more in the know around these cyber risks and really understanding this is a multifaceted risk issue.
Turn for cyber solutions, where do you go? The number one answer that we found is, people said they look to their insurance company. And if you think about it, that’s where they go for their other protections. When there are big risks in their life that they don’t think they can control, that they were to have an event or a claim, they know they couldn’t take it on themselves, both from how do I figure out how to get out of this problem, let alone how am I going to pay for it? People are looking to this insurance industry as the number one area for them to find this type of cyber protection, followed by their bank or even their business or employer that they work for.
But if you think about those last two categories, really, they only cover one aspect of your life, whereas your insurance company tends to cover a variety of aspects of risk in your life. And then finally, you still have folks that don’t know where to turn. So there’s still a lot of uncertainty. This is new. How do I protect myself? Where do I turn? Who can I rely on? Who do I do business with today that can help me out of these situations in the future?
So this is our own claims data. We work with insurers all around the globe, now over 30 countries, and both small commercial insurance programs and personal lines, private lines, homeowner’s, insurance, cyber programs. And this is a really startling result. So this is based on 2022 data versus ’21 data. Whereas in 2018, 2019, 2021, cyber extortion was the number one claim type that we’ve seen. We saw significant decrease in cyber extortion claims in 2021. It went from one out of three claims to one out of 10 claims. And there’s a variety of reasons for that we’re not going to go into today.
But what we’re really wanting you to focus on is, okay, what filled that gap? And what filled that gap are social engineering claims, that went from pretty much about 20% of claims to an 80% increase, to almost half of all claims that we see today involve social engineering claims. So rather than targeting systems like in a cyber extortion attack, what social engineering scams do is they attack you and me. What threat actors have realized is that we are the vulnerability. Our technology isn’t. And if we can co-opt people, then they can do all sorts of things whether to damage your reputation or to commit fraud.
So we’re going to look a little bit more closely. Basically, this shows that, still, cyber claims are relatively low frequency and severity in our world. It’s still a very, very profitable business, single digit to maybe 10 to 12% overall loss ratio. And what we’re finding is that there is an increase overall in the claims coming in as well as in the claims payouts. So the severities of those payouts. And what’s driving the severity issue today are the social engineering scams because these loss amounts can be pretty significant even if it’s happening to a household, not just a business. What they’re trying to do is impersonate your lifestyle and intercept how you’re doing business. If it’s a wire transfer fraud, for example, the average take on a wire transfer fraud is about $25,000, in US dollars. So it just shows you that these aren’t insignificant targeted scam amounts. So I’m going to turn it over to my colleague Tom Updegraff, and he’s going to go through some case studies to get you a little bit more in depth around what we’re seeing on the ground. Over to you, Tom.
Tom Updegraff:
Thank you, Matt. I think the takeaways from the trends that Matt shared, the information in terms of the constantly evolving landscape of cyber criminals, what we see is that these cyber criminals are constantly changing and evolving themselves. And these are not just individuals that are targeting you and your family, they’re nation states that are supplied and financed. They’re also criminal enterprises. Unfortunately, with these resources, they are able to predict trends. They are able to change and pivot the ways that they are approaching us as individuals and extorting us in terms of different approaches to vulnerabilities, whether it’s email, whether it’s social media, whether it’s phone calls or even texts.
In this particular case study, we worked with a customer on a social engineering scam. What we saw was, during the pandemic, as Matt mentioned, everyone was working from home, everyone was living all aspects of their lives from home. They were going to school, they were worshiping, they were communicating with friends and family. And what that did was that allowed so many additional opportunities for these cyber criminals to gain access to our personal information as well as to set up different approaches to attack our personal lives. In this particular situation, this individual was contacted by a recruiter online, so this person was actively seeking a job. They went through a virtual interview process. And once they accepted a job, they were asked to provide money upfront to purchase equipment. Unfortunately, with this situation, this is totally abnormal, but this person was vulnerable and they trusted that this was a legitimate job offer and opportunity. They actually went through the process of purchasing this equipment. And unfortunately, when she went to find out more information about the job, she found out that the company that allegedly hired her was not even in existence.
What occurred at that point is she relied on her insurance policy to utilize services through Cyberscout. Our company is designed to take individuals and businesses from a situation of crisis, making sure that we understand the full scope of what the individual or business’ situation is. They work with one of our experts who has been expertise in cyber resolution for 10 to 15 years, and they will work with that individual to resolve whatever their situation is. In this particular case, they worked with our incident coordinator. They did have to file a claim for this particular out-of-pocket expense, but you can see the complexity of this type of social engineering.
The second case study is really around ransomware. In this particular situation, we had a customer call into our resolution center, and the Cyberscout incident response person was immediately able to gather information about the risk of the information that had been exposed. They determined that there were appropriate backups on some of the devices and they advised and assisted with the individual in restoring network functionality and helped them install scanning malware. Once that was done, computers and other systems could then safely access the network and reconnect to the cloud backup service. The policy holders’ initial quick actions by contacting their insurance company and utilizing Cyberscout services contained the ransomware to only a couple devices. Our teams facilitated a complete security wipe on these machines, and was conducted by a qualified technology provider. And in this instance, the damage was limited and the family did not lose any data in the incident. And in this partnership with the insurance company, we were able to return the family’s network and information back to its original state. And with that, I will pass it over to James to talk in detail about the services around proactive protection.
James Wickson:
Thanks, Tom. So guys, I’m just going to go over a quick recap and then I’m going to ask, as I did at the start of the call, for you to take hold of your personal mobiles and let’s have an interactive session. So Matt spoke of the market trends, how the market is shifting and how threat acting communities are now targeting both commercial lines, as they always have, and businesses around the world. But now, more prevalent than ever, social engineering towards individuals. That’s you, that’s me, your mom, my dad, our children, vulnerable people, high net worth people, low net worth people. It doesn’t matter, that’s the state of the world we live in today, connected world. And that’s the risk.
Tom then spoke of just three case studies on how we at Cyberscout, we service 50 million policies around 200 million people globally and we take calls from all types of people looking for proactive support, reactive support, and across any line of cyber inquiry that they may have on personal and commercial lines. So we build a global picture and a global understanding of the threat that occurs today. What helps with that is, my background is not insurance, it’s cyber. I’ve had the privilege of working in the cyber industry for many years and I’ve been able to see the trend change, and that reflects back onto the final point that I’ll recap, what Matt has seen globally in claims and claims being filed to call upon the insurance coverage.
So I’ll pause there and I’ll ask everybody to take their mobile phones. Now, typically this works really well in a live audience where I’m speaking to people individually in a group. Little bit more difficult on a webinar, but I’m going to give it a go and just see how it rolls. So we know, by the recap I just gave and what Tom and Matt spoke about, that social engineering is the biggest risk to our community, both commercial and personal today, and social engineering happens in many forms. But for today, I’m going to talk about email phishing, texting, WhatsApp, and all of the mediums of which we communicate on to third parties, friends, family, or whoever we want to surfing the internet.
Now, if you would do me one small favor please and take your personal mobile phone in your hand, I would ask you to go to your personal email, if you have one. Now, it’s really important you don’t use your company device because the type of preventative solution that I’m going to talk to you about today will already be housed within your company device. This is for consumers, this is for people, this is for, as I said, you, me, your mom, my dad, our children, our grandparents. Now you are in your personal email. I’d ask you to go to your spam or trash. It’s typically spam everywhere around the world. And you’ll likely see in there emails from trusted institutions, conglomerate businesses around the world that you think are interacting with you but is a threat actor.
An example would be PayPal, a global payment mechanism or transactional system that is live in every country around the world. PayPal may have emailed you and said, “Dear James, please click on this link to renew or gather funds that we’ve collected. Your owed money, click here. Your account is about to expire, renew your password.” Just one example. And those phishing attempts happen hundreds of times a day to us. Now, typically some of those filter through to our main inbox. Therefore, as humans, we are curious by nature and we’re trusting, and therefore sometimes we click on them. By clicking on that link, we deliver malware to our device. By delivering malware to our device, we are then talking to a threat actor and they can steal our credentials, impersonate us, and take over our lives, causing much distress. So we’ve walked through a live example, and I’m sure at the back of the webinar you’ll be picking up your phones, your parents, your children, your wife, your partner, and you’ll be looking at these emails and thinking, “Crikey, they exist.”
Now, let’s just talk about the next slide. And there it is. Okay. The solution I’m going to talk to you about today is a solution called preventative DNS. Before I talk to you about that solution, let me talk to you about what is DNS. DNS is the internet’s phone book. It’s your contact list. It’s the destinations that you choose to travel to on the internet. DNS stands for domain name server. In simple terms, if I were to type into my URL box and type in www.google.com.uk, .au, .eu, whichever destination in the world, the written text is actually numbers. And when we push enter or commit on our device, it takes us across the internet, across the DNS system. It’s open, it’s where the threat actors sit, and it’s open to any form of malware deployment to a personal device. So the DNS is a network. It connects the global world for us to travel the internet, and it’s open. And that’s where we pick up and attach ourselves to threat actors and the delivery and deployment of things like malware.
Now, what is interesting is you will note that when we started this part of the session, I said, “Please use your personal device.” It’s highly likely, very likely, that an organization that you work for and insurance company, when using your work device, will have a product like protective DNS to protect you as an employee and also the business so they don’t suffer a breach and leak personal information. That’s why commercial companies have solutions like this today.
As I suggested a moment ago, DNS in connecting us globally is the risk. The internet was not built for how we use it today, and I won’t bore you with the session on what the internet was built for, but it wasn’t built for me to go and buy something. It wasn’t built for us to communicate at speed via chat box and everything else. So because of its nature and the fact that it’s open… Oh, I didn’t move that slide. Let’s go back. Because of its nature and because it’s open, what it actually means is most deployment of threats are activated by the DNS. I can tell you statistically that every day, as per this slide, there are 84,000 URLs published via registrars daily. It would astound you and worry you if I told you that 76% of the 84,000 are malicious and used by threat actors and threat acting groups to deliver all types of risk and harness you towards them, honeypots.
Now, DNS is the actual risk, but we can do something about it. We’ve partnered at Cyberscout with a global cyber firm called NCC Group. I used to work for them for many years. They’re regarded and trusted globally as a global leader and thought leader in cyber threat intelligence and protection. They have produced, as of all cyber firms, a protective DNS solution. The protective DNS solution that they’ve built has been in place for 25 years and operating today with the world’s largest banks, institution, and telecommunications companies. Okay. Now, we’ve deliberately partnered with NCC Group because the solution they have can’t be built by me at TransUnion Cyberscout or you as an insurance firm or a mutual, but what we can do is leverage their expertise and bring this solution to you.
So, how does DNS work? Okay, I’ll talk about the setup and implementation of this ease of implementation, should I say, and easy-to-use platform and how it’s evergreen in a moment. Let me walk you through how it works. If I am a customer of a neutral and I am provided with protective DNS protection for me and my family, how it works is, the moment that I receive a phishing email or a text or a WhatsApp or a Facebook or I choose to go to my browser and select a website, the moment I hit enter in my device, within a nanosecond protective DNS kicks in. It talks to my device and it then talks to a 24/7 365 security operation center. It queries it and says, “Is this telephone number or URL that I want to visit safe? Is it a known threat acting community published URL? Is it a safe destination? Can it be trusted?”
It does not stop you visiting a site of your choice if it’s not a risky URL, but if it is, if it’s dangerous and perilous to your policy holders or your family, it stops you immediately. You cannot get past it. Within a nanosecond, zero latency and immediate, your policy holder, your mutual owner would be directed to a block page. The block page is what you can see on screen on the mobile device. That, my friends, is your value statement. That’s where you are able to say, as your business, you as a mutual, “Please, James, we’ve just protected you from a potential malware delivery mechanism or a known threat actor site. Please call your Cyberscout help line for more information or click here to go back to the search engine.” They cannot get past it. It’s trusted. As I said to you, protective DNS has been in place for 25 years. It’s an enterprise level product that due to my background in cyber and my immersion into insurance, we at Cyberscout have identified a gap to deliver the important fourth tenant of insurance around cyber that I’ll move into in the moment.
Lastly, protective DNS, when installed on any device, and it works on any device, iOS, mobile, laptop, Android, if you already have malware on your device, the moment you have protective DNS, the threat actor cannot talk to it. It’s impossible. It’s a block. You cannot get past it. What it does is great, but what’s even better is how easy it is to deploy. Now, because of the 200 million people calling off helplines day in, day out around the world in 13 languages, we know the trouble people have with cyber and technology, and everybody’s scared. They don’t know what to do. We know that it’s got to be simple and we know it’s got to be evergreen, i.e., you never need to update it.
So what would happen? Partnering with Cyberscout, we would deliver you to a safe destination a simple code that you can embed in an email or an app or however you communicate with your policy holders. You would send them a link. And it’s almost bizarre it’s a link, we know that, but it’s the only safe way to do it. They would click on that link once and it would overwrite the DNS settings at device level and browsers level. Thus meaning, whether they’re at home, the airport, the train station, the cafe, or socializing with their friends, no matter what they click on, no matter which free wifi they use, they’re protected via protective DNS and the threat actors can no longer talk to them. They click the link once, it activates up to four devices, and then the link expires. Thus meaning it can’t be shared in the community across forums and chats. So it holds its value to you and the policy holder that pays for it.
Better still, protective DNS is borderless and seamless. It works globally. There are no restrictions to where we can deliver this protection to you and your policy holders. And equally, it allows you to deliver cyber protection seamlessly across the whole of your book. Everyone can have it. Life, pension, home, auto, agriculture, high net worth, mid net worth, you name it, they can have it. And you as a mutual can deliver that protection that’s needed.
This is really important. When I joined Cyberscout two years ago, as I said, my background is cyber, I quickly realized that we offer three tenants today in cyber for both personal and commercial lines. On the far right is the first one, a cyber crisis management help line, i.e., the number to call if something goes wrong. Then, tenant two is bottom right, which is redress and remedy. We’ve caught you, you’re safe, don’t worry. Let’s resolve the issue, as Tom talked you through in just a few case studies, and let’s address the challenge. Let’s help you, Mr. Customer. Let’s help you get back to where you were and let’s get back to getting your money back in the bank or securing your online presence. And in the third tenant on the bottom left is the cyber coverage. Tom mentioned that as well. At times we have to call upon it with the affected individual, personal and commercial, and use that coverage to take them back to the place where they were.
But that’s great, that’s fabulous, and that’s been in place for many years. But actually, I’m sure you would agree with me that it’s better to stop the fire than put out the fire. So in the top right-hand corner is your prevention mechanism. Let’s prevent together more cyber challenges and risks. Let’s drive safety to the communities that we ensure, and let’s offer your mutuals safety and security no matter where they travel on their device, Android, iOS, tablet or mobile, by the implementation of a simple, effective, trusted enterprise solution that’s been in place for over two decades called preventative DNS. By inputting preventive DNS into your cyber program, you’re delivering the four tenants that are needed to offer that security that you need to offer your customers.
The last thing I will mention is, protective DNS works for all personal lines. It also works for micro and small SME commercial lines. As I mentioned previously, it’s highly likely some of the guys that I’m speaking to today on here now work for large organizations. They will have a DNS solution in place. Cyberscout and NCC Group, through our partnership and through our trusted friend ICMIF, would love to deliver what is an enterprise application. We’ve not suffered any degradation in bringing down to the consumer and micro commercial market and deliver that to your policy holders in line with the world-class help line and the brilliant coverage you offer your customers today.
It’s with that that I come to the end of the slides, and I’m now going to move on to questions and answers. I’ll invite Tom and Matt to join me on the panel with their cameras on and we would invite you to ask us any questions, please. So many people do not understand what DNS is and how it works. We’ve got 16 minutes, let’s use it and ask those questions because we can help you protect your customers and mutuals. I’ll pass over now to Matt and Tom for any final thoughts. Then we will pass to Nadine to ask any questions that have been posed. So Matt, over to you, anything to add, sir?
Matt Cullina:
I said I would love to just dive into people’s reactions and feedback to hear from the community.
James Wickson:
Excellent. And Thomas, any immediate thoughts or anything that I’ve probably missed whilst talking to these wonderful people?
Tom Updegraff:
I don’t think you missed anything, James. I think the takeaway is, every minute, every second you are under attack, your family is under attack. And when you look at things like your email and the fake notifications that you’re getting around subscriptions or clicking on a link to correct a banking question, it’s nonstop. So this is really a terrific way for you as an organization to provide immense value to your policy holders to help protect them before an incident starts.
James Wickson:
Thanks, Tom. That’s a great reminder there. I was focused on the technical product, so yeah, that’s fabulous. It really ties back. So Nadine, if you don’t mind, we’ll pass over to you and your team for thoughts, questions, and answers. But before we do so, in case anybody has to leave, I’ll remind the audience this product is not live anywhere in the world today. Cyberscout and NCC Group in partnership will be the first to deliver this enterprise application to the consumer and micro SME market through the insurance industry. You as ICMIF family members are getting the first sight of this. We will answer any questions outside of here or during this session, and you will be given the first opportunity due to your ICMIF membership to be first in the world to market. Nadine, over to you.
Nadine:
Thank you, James. Thanks, everybody, for your great presentation. So how do we know that we can trust DNS to mitigate all the risk? Can you maybe say something about this?
James Wickson:
So firstly, DNS is trusted. This is not new. It’s been in place for over 25 years and it’s used today by the largest organizations in the world to protect their institution and their employees. DNS is housed, protective DNS, sorry, is housed in a SOC, which is a security operations center. The security operations center, if you imagine a box, and into that box is every single domain that’s published at any time in the world at any point. There are 4,000 domains registered every day, and 76% are malicious. It takes threat intelligence feeds from everything the cyber firm does. It looks at… Sorry, something popped up on my screen there and distracted me, my apologies. It looks at everything they do as an organization and feeds it in.
It then takes different feeds from government and institutional organizations. It then takes everything it can in the cyber market, puts it into this box, and uses AI and human engineering to determine that a bank never has a number in its URL. It doesn’t, they don’t do it. So it knows that they need to check that. And it uses artificial intelligence in many forms. So protective DNS is the most trusted and preventative cyber solution for enterprise markets because it doesn’t go wrong. It’s very simple. Nobody needs to update it other than the SOC. All we’ve done is taken that enterprise product, board it down to the market of which we are all looking after. And because of the volume of people in this market, it’s now affordable to protect everybody. So it’s trusted. It’s been trusted for 25 years, and it doesn’t go wrong. It’s your backed block, as Batman would say, the backed block.
Nadine:
Okay, thank you. And will it protect against zero-day threat?
James Wickson:
So there will always be a need for alternative cyber solutions and enterprise level. Okay? There will always be alternative solutions to the right-hand side of the food chain in cyber. Preventative DNS can’t stop zero day, nobody can, but zero day hasn’t happened yet, and it’s a really murky area to look at. But what I can say is that it will stop phishing, it will stop texting, it will stop malicious links, the form part of zero day. Zero day can happen in many ways. But protective DNS, it looks after the consumer, the person and the device, and it says, “Hang on a moment, if we click this link, is it safe?” So it offers a high degree of protection for zero day, but nothing can protect in its entirety from zero day. There are many forms of ways of delivering this. But it’s the best solution that’s available to everybody today, with a one click download, never needs to be updated, it’s evergreen, and it works wherever you are in the world. So it’s probably the best defense anybody could have against the zero day. Yes.
Matt Cullina:
One thing I would add to that, I mean you think of zero day as being kind of one in a million situations or one in a trillion situations, right? What we’re trying to tackle is what happens on the everyday. And just to put that in perspective, there’s 1.8 billion websites in the world today, 1.8 billion individual URLs. There’s between 70 and 80,000 new websites created each and every day. So that is where all the activity is happening. Now, if you look at that, obviously a good number of those websites are legitimate websites that we create to have commerce or engage with each other, et cetera. It is estimated that 80% of new websites that get created each and every day are fraudulent. So the threat actors know what they’re doing, they’re going after where we legitimately engage in commerce or engage online every day, and they’re trying to mimic that to get you to fall prey to their scams. So we’re trying to tackle where all of the fraudulent activity is happening with threat actors day-to-day, not kind of remote far away situations.
Nadine:
Okay, thank you. And I got another question. Currently, browsers warn against nefarious sites. So how does this differ?
James Wickson:
Browsers are changed and updated regularly it, I’m trying to address it in the most simplistic way. Protective DNS overwrites the journey that you make via the internet and you need a browser to travel the internet. So you are moving to the left-hand side of the food chain, the very beginning with protective DNS, and it triggers before the browser. It says, “Hey, I’m here, I’m going to protect you and the device,” then it connects to the browser.
Now, browsers today are really efficient and they’re getting better and better, but a browser is not a security protocol. It’s got limited security protocols built into it. Protective DNS is a security protocol. A browser enables you to travel the internet. Protective DNS allows the browser to travel safely. It takes you out of one conduit and puts you into a safe one. Yes, the browser can say, “Hey, that doesn’t look very safe, but guess what? Oh, well I’ll click anyway.” That’s the curious type of individual we are. However, protective DNS stops you, it’s a backed block. Even if you want to, you can’t. It stops you. So it offers that cyber prevention that you really need.
Nadine:
Okay. And could you explain maybe how does your product differ to secured DNS or DNS over HTTPS that Mozilla offers with Firefox?
James Wickson:
Okay. It is a very, very, very similar answer to the last one. Mozilla and Firefox, as do all browsers, offer a level of protection, but if that were the case that they were protecting you, organizations would not block websites, they wouldn’t implement protective DNS. I can’t address the difference between a opt-in security protocol or a level of sophistication via Mozilla versus an actual cyber preventative protocol. They are two completely different measures. You have choices with one, you have no choice with the other, and the no choice delivers protection.
Matt Cullina:
And if you just simply look at our statistics, we’re seeing a crazy increase in social engineering scams in an environment with the two solutions that you just identified exist, right? They’re not preventing the problem. So that’s what we’re trying to solve for.
Nadine:
Okay, good. Thanks.
James Wickson:
Being very careful what you say, Matt, in case we’ve got the CEO of one of the browsers on here, so I’m being polite and careful what I’m saying. They’re very different, guys. Maybe an offline session and we’re dropping to some detail. I’m just being careful what I say.
Nadine:
I believe this is quite unlikely that we have one of these persons here. So from a very practical perspective, the question really would be, I mean, the policy holder usually is just one person. So is the rest of their households also protected?
Matt Cullina:
Honestly, we tried to create something as simple and meaningful to implement as possible. So we really focus on simplicity here, and we really identified both the small commercial lines market as well as the personal lines market. So for our initial launch, what we’re going to be doing is offering this protection to four devices per household. Now, that’s just our general estimate. We can modify that over time and see what’s really happening in the household level. But each policy holder today would get four devices protected under the program. If you look at a small business, it would be the same approach, but per employee. So each employee of the business would get four devices protected for their household.
Nadine:
Okay, good. And how does it handle false positives?
James Wickson:
So it is our understanding and valid estimation via our partner that the elimination of false positives will be eradicated within 24 hours. So a domain is registered and it goes into the box that I described. At a maximum, within 24 hours, that box will know if it’s a malicious destination or not, and false positives will exist. But in the term of a false positive, it will protect you rather than allow you through. The protection is upscaled as opposed to downscaled where there’s false positives. But within 24 hours, false positives won’t exist.
Now, what’s also interesting is, typically, and this is from the registrars, typically a URL is published, and between three and five days the website goes live because you have to build it, get it online and build it. And you go through a series of releases from test to a production environment. The moment a URL is published via a registrar, it hits that box I told you about. So within 24 hours, false positives taken out, and then thereafter we’ve pretty much got a handle on it. What I will remind everybody is, I’ve just thought of something when we were talking about browsers. Let’s not forget in today’s world, the number one threat globally is phishing via text, WhatsApp, and email. And that’s what DNS stops, stops it in its tracks. The moment you trigger to download or make a movement or connect, the internet kicks in and DNS stops it. You can’t reach a bad destination.
Nadine:
Okay, great. Thanks, James. So I believe we have covered all the questions we’ve got. So I would say, first of all, thanks again, Matt, James, and Tom for your excellent presentation. If anyone has any further questions, please just send them over to us and I’m sure they would be happy to answer them later. We’ll come back to you in that case.
So recordings and transcriptions of all ICMIF webinars are available on our webpage.
Before I finish, I would just want to let you know about our upcoming reinsurance conference at the beginning of June. So from 6th to 8th June, we will gather in Iowa on the premises of our host EMC to take a look at the current state of reinsurance market, discuss topics such as ESG and resilience and reinsurance, climate and cat modeling, and also take yet another look at cyber insurance. So our colleagues here from Cyberscout will be there, and we would be happy to see many of you join us in Des Moines.
So, a final thank you to Matt, James, and Tom. Thanks to everyone for participating. We hope to see you at other ICMIF webinars in the future. Thank you and have a good day. Bye.
James Wickson:
Take care.
Matt Cullina:
Bye.
James Wickson:
Bye.
The above text has been produced by machine transcription from the webinar recording. ICMIF has made every effort to ensure that transcriptions are as accurate as possible, however, in some cases some text may be incomplete or inaccurate due to inaudible passages or transcription errors. Listening to or watching the webinar recording will allow you to hear the full text as delivered during the webinar but this is available in English only. Our transcriptions are provided to enable members to select the language of their choosing using the dropdown menu above.