- Cyber Score, OSINT, and the Transformation of Horiens Risk Advisors in Latin America
- AI Cyber Threat Intelligence Roundup: January 2025
- Win or Lose: Using CMMC 2.0 Proposed Rule to Position Yourself for DOD Contracts
- The $20 million Apple Watch settlement could mean a payout for you - here's how to qualify
- Your TV's USB port has hidden superpowers: 4 benefits you're not using enough
Cyber Score, OSINT, and the Transformation of Horiens Risk Advisors in Latin America
Introduction
The cybersecurity landscape is constantly evolving, and organizations face increasing challenges in protecting their digital assets, often referred to as the “Crown Jewels.” In this context, the use of Open- Source Intelligence (OSINT) and the development of a cyber score have become essential strategies for assessing risks and making informed decisions, particularly regarding risk transfer and cyber insurance.
Cyber Insurance in Brazil: • Global Perspective:
The demand for cyber insurance is growing as cyberattacks become more frequent. Recent reports indicate that cyber insurance premiums increased from $4.7 billion in 2018 to $9.2 billion in 2021, with projections to reach $22.1 billion by the end of 2025.
Brazil:
A survey by SUSEP (Superintendência de Seguros Privados) revealed that cyber risk insurance premiums collected a total of R$ 98.12 million in the first half of 2023, representing a 27.2% increase compared to the same period last year. The topic remains relevant in 2024 due to the significant financial impacts and operational disruptions caused by cyber incidents. Additionally, potential reputational damage is severe, as it erodes people’s trust in the affected company.
What is a cyber score?
It is a metric that assesses an organization’s security posture. It considers factors such as vulnerabilities, exposure to threats, incident history, and implemented protection measures. An effective cyber score allows companies to identify areas for improvement and prioritize investments in security. Horiens partners with Security Scorecard for this process and has a successful track record using the tool for its own monitoring before applying the solution to its clients.
Use of OSINT for monitoring
OSINT (Open Source Intelligence) is the process of collecting and analyzing publicly available information to assess threats. It involves searching sources such as internet search engines, print media, social networks, online forums, and public records. Horiens Risk Advisors uses OSINT techniques to monitor threats, identify vulnerabilities, and anticipate potential attacks. This process aims to assess leaked credentials that are constantly used for targeted attacks on executives and decision-makers. The infostealer market is vast in the deep and dark web, and this is a measured risk portrayed to Horiens’ clients through excellence in risk analysis.
Risk forms for insurers
The completion and submission of risk forms are crucial for the cyber insurance sector. Horiens has developed efficient processes to collect relevant information from clients and assess associated risks. These forms allow insurers to make informed decisions and o9er adequate coverage.
This process has been repeatedly highlighted in specific insurance forums, and we see slow progress on this topic from insurers. We believe that we should be the solution to the risk, not part of it. Therefore,
using encryption and appropriate tools for handling this traffic has set Horiens apart from its direct competitors and is changing the game, especially in critical infrastructure and large industries
Threat intelligence and Horiens
Horiens Risk Advisors is at the forefront of threat intelligence usage in Latin America for the Cyber market. Their team of experts analyzes OSINT data, develops customized cyber scores, and provides actionable insights for clients. With real statistics from the Brazilian cyber insurance market, Horiens is offering innovative solutions and protecting companies against digital threats.
We believe our main differentiator is having technical leaders who can directly engage with risk stakeholders in each business. That’s why we have a CISO (Chief Information Security Officer) speaking directly with the CIO/CTO/CISO of each client. This goes beyond being a mere differentiator it’s a technical relationship of trust that makes perfect sense in such a sensitive area as cyber posture and resilience.
In summary, our approach and the development of a specific framework for Cyber Risk analysis are as follows:
Conclusion
Cybersecurity is fundamental, that is indisputable. And Cyber Insurance is no longer discretionary, it’s a latent necessity that aims to protect assets, companies, and their business continuity. Horiens Risk Advisors demonstrates how the combination of cyber score, OSINT (Open Source Intelligence), and threat intelligence can transform digital protection in Latin America. The company not only keeps up with trends but also sets them, ensuring a safer environment for its clients.
About the Author
Ronaldo Andrade is a CISO at Horiens Risk Advisors, responsible for Cyber Insurance in the market. His background is in computer networks, with a specialization in business from NOVA Business School in Portugal. Ronaldo holds over 56 certifications in Cyber Security, Data Privacy, Critical Infrastructure, Technology Investigation, and Regulations. He serves as CISO at Horiens and as Director of Cyber Security at the Institute for Combating Cyber Crime (INCC). He is also a frequent speaker, having delivered over 40 lectures in Brazil, Latin America and the USA.
