SSIMPLE (Secure Systems and Information Management Principles with the benefits of our Loss Experience) is a holistically designed cyber risk management platform. It combines an innovative insurance policy with incident response education, complimentary third-party offerings (including a live tabletop exercise), and built-in incident response services. The SSIMPLE platform will help insulate your organization from security incidents and ensure that it is prepared in the event one occurs.
The SSIMPLE platform offers services and training that are intended to mitigate risk and aid in the prevention and detection of privacy and network security incidents. To learn more about the risk transference and response service components of the platform, visit the Aspen Insurance website.
Now more than ever, businesses must be on guard against cyber threats. With more and more data being stored and processed online, privacy and network security is an increasingly critical component of business conduct. Organizations need to carefully contemplate methods of planning, prevention, detection and response to potential breach incidents so that they are adequately prepared.
SIMPLE security is effective security.™
From October 1, 2018, to September 30, 2019, the global median dwell time was 56 days.
Source: FireEye M-Trends 2020 Report
As both the cyber threat landscape and legal environment continue to evolve, it is more important than ever for organizations to proactively ensure they can quickly and appropriately respond to data privacy challenges, including cybersecurity events. This interactive, executive-focused exercise is designed to review and test an organization’s cyber incident response capabilities, with a focus on strategic communication.
Breach Plan Connect®, powered by NetDiligence®, is a securely hosted solution designed to help your senior managers plan for, oversee, and coordinate your organization’s response to a cyber incident. Breach Plan Connect comes pre-loaded with a comprehensive plan template which can be easily customized for your organization and includes a mobile app for convenient access and alternative means of communication if company systems are compromised.
The eRiskHub® Portal, powered by NetDiligence®, is the central resource for information about all of these services, and also includes cybersecurity educational modules along with best practices resources (such as policy templates) to develop and improve controls.
Misconfigurations and vulnerabilities in Active Directory can create millions of attack paths that enable ransomware or advanced adversaries to compromise your critical assets. This assessment begins with teaching your team what Active Directory attack paths are, how they are created, and how they are abused by attackers to move laterally and escalate privilege. Then, utilizing BloodHound Enterprise, this assessment will analyze every attack path in your environment, and make specific, actionable recommendations for improvement based strictly on quantified risk. Offered by SpecterOps.
Assesses Microsoft 365 settings to ensure they are configured securely and that critical functions such as auditing are enabled. Areas of focus include Azure Active Directory, Exchange Online, and sharing rules that can lead to data exposure. The primary deliverable is a report that prioritizes the recommended remediation actions and associated solutions.
Axio360 is an integrated risk management SaaS platform designed to help you rapidly measure your cybersecurity maturity, plan improvements to strengthen your cyber posture, and share your findings with key stakeholders. Current suite of assessments available to SSIMPLE clients include: NIST CSF, C2M2 and Ransomware Preparedness.
The ISS Cyber Risk Score provides a stable, long-term indicator of network security risk based on a diverse set of inputs, global cybersecurity threats and proprietary analytical methods, helping organizations understand and strengthen their cyber posture and assess the risk of their third party vendors in the supply chain.
Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in.
Learn more about risk transference and post‑incident response services available with the Aspen Apex insurance policy.
Interested in implementing any of these pre‑incident services?Contact us
Our dedicated team of professionals are available via phone, email and even in person to help walk the Insured’s team through the sign up process and the various services available.
Rob has more than twenty-five years of IT and project management experience. He previously worked at a MSP where he was Director of Professional Services and was a virtual CIO for a broad range of managed service customers. Primary responsibilities included strategic technology planning, pre-sales solution design, IT infrastructure and policy review along with managing technology projects such as cloud server and email migrations, virtualization and storage deployments, and network infrastructure upgrades. Rob has also worked as an IT Manager for a private wealth management company and has a background in IT infrastructure consulting. Rob obtained his undergraduate BS degree in Biomedical Engineering, from The Johns Hopkins University and he maintains a Certified Information Systems Security Professional (CISSP) designation.
Ian Starinovich joined Aspen in February of 2018. He is currently functioning as a Service Deployment Engineer for the Risk Management department. Ian is a cybersecurity specialist with a background in IT infrastructure focusing on networking, virtualization, and storage technologies. He has over 20 years of experience in various technology roles including Senior Systems Engineer, Engineering Team Lead, and Senior Solutions Architect and has worked closely with multiple verticals, including Finance, Health Care, Manufacturing, and Education. Ian has collaborated with various technology vendors and has both deployed and vetted many security technologies in his career. Ian completed his undergraduate degree at Worcester Polytechnic Institute (WPI), majoring in Computer Science. He currently holds various IT and security certifications including ISC^2 CISSP, CCNA Cyber Ops, CCNA Routing & Switching, VMware VCP-DCV 6.5, CompTIA Security+, Sophos Certified Engineer, Extreme Networks Certified Expert - Networking, as well as AWS Solutions Architect, SysOps Administrator, and Developer Associate.