CFC Response App: More about proactive threat intel

This is threat intel that anyone can access just by going to a website. These services, such as Have I Been Pwned or MX Toolbox, are free, but most small businesses either don’t know they exist or don’t know how the information they provide can be beneficial. CFC, however, does the heavy lifting by consolidating the information and feeding it back to clients in a more structured format through the app, explaining why it’s important and what clients can do to mitigate specific threats.

The second way we gather intel is through paid for services. CFC pays significant amounts of money to be able to give all of our small business clients the services most large corporate enterprises deploy to monitor their systems – all free with the policy.  And for businesses who may not have the budgets to spend on these services, this is revolutionary way to grow their cyber maturity, allowing them to actively conduct vulnerability scanning on all their external assets.  A really good example of a ‘paid for’ subscription model would be full access to BitSight reports, which would typically cost thousands to small businesses. CFC uses Bitsight intel to proactively monitor clients and deliver targeted alerts via the app, all free of charge.  

Lastly, our most valuable asset and something that’s unique to CFC is our proprietary claims intel. Over the last 20 years, we’ve built a database of over 50,000 cyber policyholders in over 60 countries. Today, our internal incident response team oversees upwards of 50 cyber claims a week, which enables them to quickly spot trends in real time.

Last year, for example, our team noticed that hackers were targeting schools through business email compromise scams. Hijacking these accounts, the fraudsters then sent emails to parents, asking them to pay fees early – albeit to fraudulent bank accounts – in order to get a discount. Seeing multiple schools targeted with this scam, we were able to notify all our clients in the education sector.