Aspen Cyber Risk Services

Cyber Insurance – From Complexity to Clarity

Aspen Cyber Risk Services (ACRS)

Aspen Cyber Risk Services (ACRS) are a suite of complimentary, high-impact cyber risk management services offered to Aspen’s cyber insurance customers. 

These services are all delivered by industry-leading law, technology, digital forensics, and incident response firms. Reports, presentations, or security findings are delivered directly to you and not shared with Aspen.

How does it work?

Each policy period, Aspen’s primary cyber insureds can choose one service from the list below. Aspen will arrange an introductory meeting to discuss the details of scope, deliverables, timeline, and scheduling. The service must be completed during the policy period.

Note that any changes in scope that incur additional cost are at the customer’s own expense and will be invoiced directly to the customer. 

Service availability

All services, with the exception of Code Red Alerts, are available globally via virtual delivery. Exceptions apply. Please contact Aspen for details. Services are subject to change.

Services Available

Code Red Alerts

Am I being attacked? 

Aspen actively monitors its cyber insurance portfolio for
indications of cyber-attacks. By signing up for Code Red Alerts, you can receive direct email notification if or when we detect that your organization is targeted by a credible cyber threat. We recommend treating this service as complementary to, and should not be a replacement for, your existing threat intelligence capabilities.

Note that Code Red Alerts are only available to US-domiciled companies and can be selected in addition to any of the listed services. Aspen does not guarantee that all threats will be detected.

Enroll here

One service to be picked from the below:

Technical Tabletop Exercise 

How effective is your organization at responding to a breach? 

This live, in-person exercise tests your company’s actual incident response capabilities against a highly-customized, simulated threat, identifying areas for improvement to reduce damage and speed recovery in case you are the victim of a breach. 

Cybersecurity Improvement Plan 

How effectively have you deployed key security controls? 

This service, based on the CIS Top 18, assesses the “big five” security controls in your environment, showing their current state as well as a path to improvement. The controls assessed are: 

  1. Backup methodology; 
  2. Email security & phishing prevention; 
  3. Endpoint detection & response; 
  4. IT security policies & standard operating procedures; and 
  5. Multi-factor authentication. 

Ransomware Resilience Assessment 

How do your defenses perform against an attacker in your network? 

This purple team exercise tests your network defenses by simulating a real-world ransomware attack, using the current tactics, techniques, and procedures of major ransomware groups. The simulation is followed by a workshop presenting the attacker’s perspective of what assets and data could have been compromised in the attack. 

Legal Tabletop Exercise 

What should you expect if you’re breached? 

This live, virtual workshop walks your executive team through a hypothetical breach scenario. It prepares them for the challenges and parties they will encounter – and the decisions they will have to make – in the face of a real breach. 

Request Information

This field is for validation purposes and should be left unchanged.

Mike Rastigue

Mike joined Aspen in 2023 as the head of Cyber Risk Management and is chiefly responsible for Aspen Cyber Risk Services (ACRS) Mike’s background spans cyber security operations, financial modeling of cyber risk, and cyber insurance brokerage. Mike obtained his B.A. in philosophy at Oakland University and his J.D. from Western Michigan University Thomas M. Cooley Law School. Mike also maintains a Certified Information Systems Security Professional (CISSP) certification.