Connectors enable Cowbell’s platform to connect to your infrastructure in a secure and restricted way and read limited information related to security controls and the use of security best practices.
Connectors not only deliver more thorough risk assessments but they can help you gain visibility - at no additional charge - into security weaknesses you might not be aware of.
Getting better visibility into your cyber risks
Every organization, large or small, uses connected or internet-based systems, starting with phones and email (Office 365, Gmail, or other services). These might be administered internally by a third party and represent a cyber risk.
In order to assess and quantify such risk, Cowbell relies on multiple data sources, external scanners, and insights into dark web activity. Connectors add inside-out data to the pool of data used to compile Cowbell Factors, delivering a refined risk profile and more accurate cyber insurance proposals.
Improving your risk profile
A deeper assessment delivers visibility into security weaknesses that you might not be aware of with recommendations to fix these. The benefit: Your organization can improve its security posture prior to any incident happening.
Cowbell is regularly adding new connectors. This list will be updated at new connectors are added:
Microsoft: delivers risk insights related to Microsoft 365 (aka Office 365) and other Microsoft collaboration tools
Google: delivers risk insights related to the deployment of Google Cloud and offers recommendations from Google on security.
Qualys: report on current system vulnerabilities, patching of known vulnerabilities, container security, and regulatory compliance
Security Studio: reports on risks related to processes deployed in the organization (typically risks not related to systems)
Safeguard: reports on policies in place and risks related to the use of social media
Wizer: Wizer is Cowbell's partner for Security Training. The connector report on how many employees have successfully completed training such as phishing email simulation.
How Secure Is the Use of Connectors?
Cowbell relies on APIs developed and maintained by the above vendors themselves for the unique purpose of sharing configuration and security data – these APIs are not developed by Cowbell and are not unique to Cowbell. Access is read-only, limited to metadata and configuration information, and explicitly restricted to what the vendor API provides access to. Cowbell’s platform never accesses business information and data stored in the system itself.
Example: Connector to Microsoft
Configuring email and collaboration tools (calendar, file sharing, or other) for security is paramount as many cyber incidents start with an email compromise, often names BEC incident or "Business Email Compromise". Cowbell's Connector to Microsoft Secure Score
Microsoft 365 (aka Office 365) is commonly used as an email service deployed in the cloud. The service can be administered directly by the organization or outsourced to a third party.
Cyber incidents due to misconfigurations of Microsoft 365 have been common enough that the U.S. government has issued several security warnings for Microsoft Office 365 since May 2019, recommending that every business review their Microsoft 365 configuration for security.
Cowbell Connector to Secure Score offers an immediate, free audit of your Office 365 security configuration
Get immediate visibility into data tracked by Microsoft: your score, strengths, weaknesses in the configuration of Microsoft Office 365, and improvement actions.
The assessment is based on a standard set of controls jointly defined by Microsoft and the Center of Internet Security and represents the best security practices for Microsoft 365.
Common controls include the use of MFA or the need to limit the number of users with administrative privileges.
Five reasons to activate connectors
1. Avoid Cyber Incidents
Activating Cowbell connectors could give you an early warning about a security weakness that you were not aware of. Acting on recommended actions to improve your risk posture could prevent future incidents.
2. Get a Cyber Policy that Best Matches Your Risk Profile
Cowbell Factors define your organization’s risk profile and anchor Cowbell’s underwriting processes. Activating Cowbell connectors delivers deeper advice to improve your risk profile, resulting in the best possible insurance policy.
3, Lower Your Premium
With activated connectors, you will have better visibility into cyber risks and recommendations to improve your risk profile. A better risk profile will positively impact your cyber insurance premium.
4. Share Our Free Assessment with Your IT/Security Team
Cowbell’s risk assessment is free. Our goal is to help you keep your business safe. You can share your risk assessment with your internal or external security resources for them to use. We can even give them access to our platform.
5. Get an accurate benchmark of your business's risk profile
Cyber attacks at mid-size businesses are often opportunistic, taking advantage of security weaknesses. Knowing whether your risk profile is below or above your peers indicates the susceptibility of your organization to a cyber attack.