Corvus Insurance Enhances Virtual CISO Offering with vCISO Services

Appointment of Jason Rebholz as CISO strengthens the company’s efforts at combating cyber risks.

(Image credit: Alexas Fotos.)

Corvus Insurance, a Boston-based insurer offering “smart” commercial insurance products powered by AI-driven risk data, has announced vCISO Services, an expansion of its “virtual CISO,” or vCISO offering that includes a suite of consultative sessions with Corvus security partners at a reduced cost, each aimed at helping organizations dig deeper into specific security issues. Corvus also announced the appointment of Jason Rebholz as Chief Information Security Officer (CISO).

Jason Rebholz, Chief Information Security Officer, Corvus Insurance.

Offered as the latest enhancement of Corvus’s vCISO digital policyholder experience, vCISO Services is the company’s newest effort to help better protect organizations against ransomware and other cyber attacks, according to a Corvus statement.

“With an increasingly saturated market for cybersecurity tools and services, organizations face difficult decisions, with each vendor offering something slightly different than the last with varying price points and benefits,” the Corvus statement says. “With vCISO Services, Corvus’s in-house security team consults with policyholders to help them better protect their systems and build more resilient infrastructure.”

Corvus says its team then helps policyholders select solutions for their unique environment and connects them to top cybersecurity providers at a reduced rate, including MOXFIVE, RED SKY Consulting, SentinelOne, and Tetra Defense.

The consulting services bundled within the vCISO Services platform include the following as described by Corvus:

  • Multi-factor Authentication (MFA) Consult: With stolen credentials often leading to enterprise-wide security issues, the MFA Consult will help business leaders determine which MFA solution is right for their organization and provide support through the implementation process.
  • Endpoint Detection and Response Consult: As endpoint detection and response (EDR) solutions become a requirement in an organizations’ cybersecurity toolkit, the EDR Consult will help organizations identify, deploy and monitor an endpoint detection and response tool.
  • Backups Consult: Because ransomware threat actors regularly target victim organizations’ backups to force payment of a ransom, the Backups Consult will help organizations build a more secure and resilient backup strategy.
  • Active Directory Consult: Active Directory defines the full spectrum of an organization’s permissions. The Active Directory Consult will review the Active Directory architecture to identify and remediate potential misconfigurations or weaknesses that attackers commonly exploit.
  • Network Segmentation Consult: Strong network segmentation complicates a threat actor’s ability to infiltrate a network. This consultation service works with an organization to identify ways to segment the network better to protect what’s most important.
  • Cloud Security Configuration Consult: With businesses migrating much of their data to the cloud, this consultation works with organizations to identify common cloud services in use, such as Microsoft 365, Azure, GSuite and AWS, and advise as to which security settings to enable above and beyond the default settings.

Phil Edmundson, CEO, Corvus Insurance.

“vCISO Services represents our company’s latest push to provide new and cost-effective ways for businesses to explore their cybersecurity options, find the best provider to meet their needs, and strengthen their systems against cyberattacks,” comments Phil Edmundson, Founder and CEO, Corvus Insurance. “We are proud to be partnering with the best vendors in the market to extend our efforts in making the world a safer place.”

Along with the vCISO Services news, Corvus also announced the appointment of Jason Rebholz as the company’s Chief Information Security Officer. With over a decade of experience helping organizations respond to security incidents and build more secure and resilient environments, Rebholz plans to leverage his technology and infrastructure knowledge and expertise to drive better organizational risk mitigation and empower data-driven decision-making, according to Corvus. Following roles at Mandiant, The Crypsis Group, and Gigamon, Rebholz was most recently building and leading business recovery and resiliency services at MOXFIVE to support ransomware victims and other cyber incidents.

“The cybersecurity landscape is at an interesting inflection point, specifically with the spotlight on ransomware and high profile government takedowns against ransomware groups and their infrastructure,” Rebholz says. “I believe that Corvus is uniquely positioned to be the leader in building and deploying forward-thinking solutions to businesses to help mitigate the impact of current and future cyber incidents, and I’m honored and excited to join such a dedicated team and culture focused on a steadfast mission.”

Corvus Insurance Launches Automated Ransomware/Business Interruption Cost Calculator

Anthony R. O’Donnell // Anthony O'Donnell is Executive Editor of Insurance Innovation Reporter. For nearly two decades, he has been an observer and commentator on the use of information technology in the insurance industry, following industry trends and writing about the use of IT across all sectors of the insurance industry. He can be reached at or (503) 936-2803.

Leave a Comment