Solutions and Goals

It is the aim of Pool Defender to help our members more effectively navigate the rapidly changing and increasingly important digital security landscape. We feel we are stronger together than we are apart.

The costs for containing cybersecurity risks are growing

Almost all areas of risk control are getting more expensive, staffing, security systems, cyber insurance, etc. These relatively new costs are cutting into the profits of the risk pool industry. These costs are likely to grow for a few years at least and any containment of the costs would go right to the bottom line.

Pool Defender Objectives

  • To provide outsourcing services that might help our members not have to hire an expensive and difficult to find full-time security person
  • To develop relationships with insurance providers to help lower insurance costs for our members
  • To negotiate preferred rates with high quality security vendors so that lower costs can be passed on to all sizes of organizations in the risk pool industry

No one is tracking the types of attacks and attack vectors hitting the industry

The problem with having a lack of clarity into the types of attacks facing the risk pool industry is that the means and motives of digital criminals remains a mystery. By providing a confidential space for organizations to report on an event, Pool Defender will be able to log what is happening within the market and aggregate that information to warn the industry about specific dangers.

Pool Defender Objectives

  • To build a process so that those in the industry can see the value of, and is motivated to, share details of attacks on their companies confidentially
  • To build a database to track all information given about the scope and type of cyberattacks within the industry and look for patterns and consistencies

No one has the capability to distribute verified cybersecurity information and analytics to the industry

In a battle to keep from having a serious digital event, acquiring actionable information from a trusted source is important. Today, in the industry, most companies are forced to make do with anecdotal stories from peers.

Pool Defender Objectives

  • To cultivate relationships with large industry organizations, to speak at their events, and update the industry on the latest in cybersecurity attack vectors and remediation results

The industry has not developed agreed upon security best practices, standards, or guidelines

It will help risk pool industry leaders to have a trusted and customized set of documentation and best practices to serve as a benchmark of cybersecurity for internal staff. From first developing best practices, then making them standards, then providing certifications that could be used to lower insurance costs and raise customer trust, we will help our members build stronger cybersecurity practices.

Pool Defender Objectives

  • To quickly establish documented risk pool industry best practices for all areas of cybersecurity.
  • To use these as a checklist for leaders to set expectations with their teams and thereby raise the level of defense across the whole industry

Cyber insurance is going to be mandated by customers while at the same time becoming more expensive and harder to attain. In addition, underwriting is becoming harder to navigate

The changing cybersecurity insurance market is a real looming danger. The risk pool industry will soon find the combination of rising rates and contractual requirements developing into financial hurdles. It is the right time to develop relationships with either vendors or providers who can partner to provide good policies.

Pool Defender Objectives

  • To work with insurance providers to develop specific levels of policies and underwriting methods to serve the various sizes of organizations in the industry
  • To negotiate with insurance providers to get lower rates than most members could get individually

Most organizations and providers do not have trusted sources to get advice from when a breach occurs

When a digital event occurs, there is little time to figure out who can provide the best advice. Pool Defender will be an entity that has no agenda other than helping industry members remediate security events as effectively as possible.

Pool Defender Objectives

  • To provide the capability to guide an organization through cyber incident response.
  • Responses can range from advice in the moments after an event has been detected to actually guiding the incident response until full remediation has occurred.

Today the industry does not have a vetted group of resources (cyber lawyers, ransomware firms, third party security audits, bitcoin brokers, etc.)

Pool Defender will invest time to find the best security vendor solutions and negotiate industry pricing. We will also train the vendors on the risk pool industry dynamics so they understand how helping an organization in the risk pool industry might be different than other organizations.

Pool Defender Objectives

  • To develop a comprehensive list of trusted vendors with preferred pricing for various aspects of cybersecurity
  • To train vendors on the risk pool industry dynamics so they are knowledgeable about how to be most helpful when needed

Lack of knowledge and access to cybersecurity governance documents

One of the important defenses for cyber events is to have effective policies and procedures in place to lower risk. Pool Defender will maintain an evolving knowledge base of security governance documents so that members can be on the leading edge of cybersecurity governance.

Pool Defender Objectives

  • To build and maintain an excellent library of documentation that can be used by the risk pool industry to implement cybersecurity governance
  • To provide advisors who can explain the need to implement the governance methods to members

Lack of access or awareness of peers who can provide knowledgeable counsel

The risk pool industry has thrived partly because members are often willing to help other members. Cybersecurity events and defensive methods are not topic that are well broadcasted. However, members are often willing to share with their peers in the industry when needed. Pool Defender can be a resource to help members know other industry peers who can provide valuable experience.

Pool Defender Objectives

  • To provide a clearinghouse for peer advice on topics such as network defense or incident response

Ultimately, our goal is to make the risk pool industry unattractive to digital criminals – be they external or internal. We want those with bad intentions to understand that it will be challenging to disrupt this industry through cyberattack!