Specialist advisory services for the cyber insurance market
An extensive suite of cybersecurity risk management services and coordinated cyber incident response.
We help cyber insurance underwriters, brokers, and their customers understand their information risks, with one-to-one guidance from an assigned digital investigator.
We devise plans for managing incidents and assist in coordinating the response using digital investigations and advanced recovery techniques.
Find out more about our response and investigation services - jump to:
Cyber insurance & broker partners
How we work with Insurers
STORM works with cyber insurers and brokers, providing solutions for the understanding and improvement of risk management, and the resources to respond to incidents when they occur.
Trusted by
Cyber incident response
Need immediate support?
Our cybersecurity experts and digital investigators are available to help examine, respond to, and recover from incidents.
If your business has fallen victim to a data breach, phishing scam, malicious software, mailbox compromise, fraud, or any other cybercrime, our rapid response team can help.
Or call: +44-203-693-7480
About STORM Guidance
STORM: Strategic, Tactical & Operational Risk Management
STORM Guidance provides specialist tools and advisory services developed specifically to aid cyber insurance underwriters, brokers, and their customers, and also directly for businesses of all sizes.
Our services offer clarity on information risks, planning for the management of cyber incidents, and the coordination of both investigation and recovery when incidents occur. Our specialists have helped hundreds of clients recover from a range of incidents, including Ransomware, Business Email Compromise (BEC), Extortion, and Data Theft.
STORM Guidance’s mantra is: Assess, Plan, and Respond. It’s what we do.
Assess
Understand your cyber resilience and gain clarity over infosec risk
Get concise reports and jargon-free language via the Cyber3 and CyberSeven assessment tools.
Plan
Cybersecurity consultancy, guidelines and response
Our information security best practices are provided by some of the most seasoned cybersecurity experts.
We assist insured organisations directly or through our ReSecure product.
Respond
Unrivalled incident response for victims of digital fraud
Cybersecurity assessment & cyber risk remediation plan
Cyber3: Rapid Risk Review. Find vulnerabilities and remediate risk.
A unique and comprehensive cybersecurity assessment, providing a straightforward understanding of exposures and incident prevention for insurers, brokers, and their clients.
Supporting insurers and brokers in understanding the risk across their books with a unique dashboard for detailed insights into client risk management maturity. Featuring questions commonly asked by cyber insurance underwriters, Cyber3 helps existing or prospective clients understand the need for better cybersecurity.
Digital investigators review
In-depth, 90 minute cybersecurity assessment to identify key risk indicators
-
Technical vulnerability scan with our CyberProfiler: Attacker’s Eye View™
-
ISO 9001 / 14001 / 27001, PCI DSS, NIST, ENISA compliant
Cyber maturity scoring
Dashboard-style presentation and custom-written report
-
Straightforward 1-5 score in five areas of cyber risk management maturity
-
Jargon-less risk results with visual high/medium/low risk determination
Cyber risk remediation
Formal data asset register generated
-
Improvements prioritised into checklist of measurable actions
-
Clear and practical remediation advice for every high and medium risk, with commentary on low risks
“
We've been working with STORM Guidance for some time, utilising their services and expertise in the management of risk across our client books. STORM's comprehensive cybersecurity assessment supports our risk portfolio, playing a key role in the success of our cyber centre of excellence, and risk solutions.
Henry Warner, Divisional Director - Cyber, Ed.
Cybersecurity exposure scan
CyberProfiler gives you a unique 'Attacker's Eye View'™ of your business
Understand your organisation's cybersecurity exposure from an attacker’s perspective. A cyber assessment framework powered by first hand cyber-attack response insights.
Supporting insurers and brokers in understanding the risk across their books, whilst providing the information they need to help their customers proactively improve security, mitigate risks, eliminate vulnerabilities, and meet compliance standards.
Make your business difficult to surveil
Our service includes active scanning for vulnerable technologies, configurations, user accounts, registered domains, third party links, budgetary spend, and other sensitive details.
Be the hard target
Poorly configured networks and outdated services make you an easy target.
As with traditional crime, if opportunists find profiling hard, they will move on to softer targets. Our monthly review allows you to identify what your online services reveal to cyber criminals.
Actively defend your organisation
With our monthly assessment, you can detect vulnerabilities as they happen, rather than after an attacker has discovered them.
We summarise our findings and if needed, we can consult your business on remediation.
“
This non-invasive Cyber Profiling service can provide businesses with insight into the potential exposures that cybercriminals can exploit, and empowerment to take practical steps to remediate risks. We are confident our customers will find this service complements their existing cybersecurity services and contributes to strengthening their cyber resilience.
Jaini Gudhka, Senior Risk Manager - QBE
Ransomware incident response and recovery
Initiate ransomware negotiations, restore systems, and recover data
If you’ve suffered a ransomware attack, our cyber rapid response team are accessible 24/7, with dedicated specialists who will help you restore your systems and recover data.
Experiencing a ransomware attack can be an incredibly stressful and often debilitating event. We help our clients by alleviating pressure and providing the best chance of recovery. Our ransomware incident response specialists are on hand to investigate and recover, whilst facilitating all communications and negotiations with the attackers. As part of our service, we offer trauma counselling for victims of cybercrime.
Digital investigators
24/7 access to specialists
-
Coordinated investigative and restorative response
-
Procurement of decryption tools and execution of decryption process
Ransomware negotiations
Former Law Enforcement Agent extortion negotiators
-
Complete Operational Security (OpSec) compliance and identity protection
-
Formulation and execution of client sanctioned negotiation objectives to drive optimum outcomes
Extortion settlement
Full sanctions checks and reporting with any necessary liaison with law enforcement & regulators
-
Facilitate payments in a range of cryptocurrencies
-
Complete financial accounting and interaction with insurers where required
-
Blockchain analysis & tracing
Recovery
support
Legal and crisis advice
-
Fast decryption capability
-
Public relations support
-
Trauma counselling for victims of crime
“
The safety and security of private and sensitive data is high on all businesses agendas. Aviva provides support to customers to understand their Cyber exposures and working with STORM, who are experts in Cyber risk and analysis, we are able to deliver risk insights and Cyber security solutions to help protect our customers and their businesses.
Justin Linney, Head of Risk Management - Aviva Insurance
STORM Guidance cyber security services
Essential tools developed to assess, plan, and respond to cyber risk.
From expert-driven risk reviews, board-level self-assessments, and digital investigations; to incident response and cyber insurance comparison tools.
View our suite of products below