More and more organizations are purchasing cyber insurance. Between 2019 and 2020 the market grew by 29.1%, and that growth is projected to continue at 25% through 2026 (Statista). Two things are driving the trend: customers and vendors now demand evidence of cybersecurity accountability, and business leaders have realized that they need to take the threat of cyber attack more seriously than they ever have before.
While demand for cyber insurance is increasing, carriers are raising rates, narrowing coverage, limiting the number of policies they write, and taking a hard look at each applicant's security posture before deciding on a rate, or on whether they will write a cyber policy at all.
When it comes down to it, what you need to do to manage cyber risk is to up your security game. Standing up a stronger cyber defense will help you to mitigate threats and lower your risk, and that’s what insurers want to see too.
Your ability to obtain cyber insurance will depend on your business and industry, and on whether you've already suffered a cyber attack. There are also specific security controls you can build into your cybersecurity strategy that will set you up for a more favorable underwriting review.
Please note that these are general guidelines, and your unique situation will determine your eligibility and rates for cyber insurance.
Security Tactics to Lower Cyber Risk
Policies and Procedures
It might surprise you that we're not starting our list with a technology tool, but how you document, train and enforce secure behavior is a vital part of your strategy. You probably have some of these policies in your employee handbook already, and there are no doubt some you need to add.
Cybersecurity Awareness Training
Training that enables employees to recognize and report suspected cyber attacks should be ongoing and tailored to each employee's role, since an accounts-payable clerk and a system administrator face different attacks.
Intrusion Detection and Response
Intrusion detection and prevention systems inspect network traffic and alert on, or block, activity that matches known attacks or abnormal behavior; many current products use machine learning to spot that behavior. Endpoint Detection and Response (EDR) does the same job on workstations and servers, and Managed Detection and Response (MDR) is a service in which a provider watches those tools and responds to alerts around the clock. Intrusion detection and prevention is also built into modern firewalls.
Firewalls control incoming and outgoing network traffic and can include other capabilities such as intrusion detection and prevention. Firewalls should be "hardened" to eliminate potential vulnerabilities.
Hardening an IT system means configuring it to a secure baseline: default passwords changed, management interfaces reachable only from trusted networks, logging enabled, and any ports, services and features that aren't being used turned off.
Antivirus and Anti-malware
These technologies have been a mainstay of cyber defense for a long time, and they have become more sophisticated, adding behavior-based detection to signature matching. They should be deployed on every device that touches your network, including servers, laptops and mobile devices.
Multi-Factor Authentication (MFA)
Requiring a second factor at login (a code from an authenticator app or a hardware key in addition to the password) stops an intruder who has only a stolen or guessed password, and it is a major obstacle for attackers trying to reach privileged accounts with administrative rights. MFA should be required for all employees and for any contractors or vendors who access your systems, and it is essential for email, remote access and administrative accounts. Authenticator apps or hardware keys are preferable to codes sent by SMS.
Secure Remote Access
Any person or IT system connecting to your network remotely should do so over a channel that provides both encryption and authentication, such as a VPN, with MFA applied to the connection. To be effective, employees need to be trained on what remote-access practices are acceptable, and those practices must be enforced.
Email Authentication and Spam Filters
Email authentication and spam filters work together to flag fraudulent emails and keep them from reaching users. Authentication uses the SPF, DKIM and DMARC protocols to determine whether a message really comes from the domain it claims to; DMARC also tells receiving servers what to do (nothing, quarantine or reject) when a message fails, so a DMARC record set to "p=none" only reports on spoofing and does not stop it. Spam filters add another layer by running the content and source of each message through a series of rules and reputation checks to decide whether it is legitimate.
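The following is an added example, not code from the original article, showing how a receiving mail server combines the SPF and DKIM results for a message with the sending domain's DMARC policy to arrive at a disposition. The domains, the constructed DMARC records and the two sample messages (one spoofed, one legitimate) are made up for the example, and the "organizational domain" logic is simplified to the last two labels; a real receiver consults the Public Suffix List.

```python
"""Added example, not from the original article: DMARC evaluation as a receiving
server performs it. Inputs are constructed; nothing is looked up over the network."""
from dataclasses import dataclass
from typing import Dict, Optional


def parse_dmarc(txt: str) -> Dict[str, str]:
    """Parse a DMARC TXT record such as 'v=DMARC1; p=reject; adkim=s' into tags.
    Defaults follow RFC 7489: relaxed alignment for both DKIM and SPF."""
    tags = {"adkim": "r", "aspf": "r"}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record")
    return tags


def enforces(record: str) -> bool:
    """True only if the policy actually acts on failures (quarantine or reject).
    'p=none' is monitoring only and does not stop spoofed mail."""
    return parse_dmarc(record)["p"] in ("quarantine", "reject")


def org_domain(domain: str) -> str:
    """Simplification for the example: last two labels. Real receivers use the PSL."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain: str, auth_domain: Optional[str], mode: str) -> bool:
    """Alignment check: strict ('s') needs an exact match, relaxed ('r') needs
    the same organizational domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


@dataclass
class AuthResults:
    from_domain: str            # domain in the RFC5322.From header the user sees
    spf_result: str             # "pass", "fail", "softfail", "none", ...
    spf_domain: Optional[str]   # envelope MAIL FROM domain that SPF checked
    dkim_result: str            # "pass" or anything else
    dkim_domain: Optional[str]  # d= tag of the verified DKIM signature


def dmarc_disposition(results: AuthResults, record: str) -> str:
    """'pass' when SPF or DKIM passes AND aligns with the From domain;
    otherwise the action the domain owner requested (none/quarantine/reject)."""
    policy = parse_dmarc(record)
    spf_ok = results.spf_result == "pass" and aligned(
        results.from_domain, results.spf_domain, policy["aspf"])
    dkim_ok = results.dkim_result == "pass" and aligned(
        results.from_domain, results.dkim_domain, policy["adkim"])
    return "pass" if (spf_ok or dkim_ok) else policy["p"]


if __name__ == "__main__":
    # Constructed spoof: the attacker's own domain passes SPF, but it is not the
    # From domain, so nothing aligns and the owner's p=reject policy applies.
    spoof = AuthResults("example.com", "pass", "attacker-bulk.net", "none", None)
    print("spoof:", dmarc_disposition(spoof, "v=DMARC1; p=reject"))      # reject
    # Constructed legitimate mail: SPF fails (forwarded) but the DKIM signature
    # from a subdomain aligns under relaxed mode.
    legit = AuthResults("example.com", "fail", "bounce.example.com", "pass", "mail.example.com")
    print("legit:", dmarc_disposition(legit, "v=DMARC1; p=quarantine"))  # pass
```

Two things worth checking in your own domain's record with this logic in mind: whether the policy is still "p=none" (no protection, only reports), and whether strict alignment would break mail sent from subdomains or third-party services you legitimately use.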
Encryption
When data is encrypted, it is unreadable to anyone who doesn't have the key to decrypt it. Encrypting data both at rest (on disks, backups and mobile devices) and in transit (TLS for web and mail traffic, a VPN for remote access) dramatically reduces the chance that its exposure can be used for extortion. The keys must be protected at least as carefully as the data, since an attacker who obtains them has defeated the encryption.
Software Updates and Patch Management
Keeping software up to date and patched with the latest vulnerability fixes is a cybersecurity best practice. This applies to the software that runs all of your security layers (firewalls, EDR, antivirus, etc.) as well as to the operating systems and applications that employees use. Internet-facing systems and vulnerabilities known to be actively exploited should be patched first.
Network Monitoring and Reporting
Software that collects logs of activity on your network and endpoints and keeps them in a central place lets your IT team investigate intruder incidents or attempts to access restricted information after the fact, and, when the logs are reviewed or alerted on, catch them while they are happening. Keeping the copy off the affected systems matters because intruders routinely clear local logs to cover their tracks.
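An added example of the kind of check that turns stored logs into detection (this is not code from the original article): a small Python routine run over constructed sshd-style authentication log lines that flags a source address which fails to log in repeatedly and then succeeds, the trace a brute-force or password-spray attack leaves behind. The log lines, hostnames and addresses are invented for the example, and the five-failures-in-ten-minutes threshold is an assumption to tune for your environment.

```python
"""Added example, not from the original article: detection logic over sample
auth log lines. SAMPLE_LOG is constructed; addresses are documentation ranges."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

SAMPLE_LOG = """\
2024-03-01T09:00:01 host1 sshd[4011]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
2024-03-01T09:00:03 host1 sshd[4011]: Failed password for root from 203.0.113.7 port 51023 ssh2
2024-03-01T09:00:06 host1 sshd[4011]: Failed password for jsmith from 203.0.113.7 port 51024 ssh2
2024-03-01T09:00:09 host1 sshd[4011]: Failed password for jsmith from 203.0.113.7 port 51025 ssh2
2024-03-01T09:00:12 host1 sshd[4011]: Failed password for jsmith from 203.0.113.7 port 51026 ssh2
2024-03-01T09:00:15 host1 sshd[4011]: Accepted password for jsmith from 203.0.113.7 port 51027 ssh2
2024-03-01T09:05:00 host1 sshd[4099]: Failed password for akim from 198.51.100.24 port 40122 ssh2
2024-03-01T09:05:20 host1 sshd[4099]: Accepted password for akim from 198.51.100.24 port 40123 ssh2
2024-03-01T10:00:00 host1 sshd[4200]: Accepted publickey for deploy from 192.0.2.10 port 33000 ssh2
"""

# Matches both "Failed password for [invalid user] NAME from IP" and
# "Accepted password|publickey for NAME from IP".
LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) \w+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

Event = Tuple[datetime, str, str, str]  # (timestamp, result, user, ip)


def parse_log(log: str) -> List[Event]:
    """Turn raw lines into events, skipping lines the pattern does not cover."""
    events: List[Event] = []
    for line in log.splitlines():
        match = LINE_RE.match(line)
        if match:
            events.append((datetime.fromisoformat(match["ts"]),
                           match["result"], match["user"], match["ip"]))
    return events


def detect_bruteforce(log: str, threshold: int = 5,
                      window: timedelta = timedelta(minutes=10)) -> Dict[str, Tuple[int, str]]:
    """Return {ip: (failures_before_success, user)} for every source address
    that accumulated at least `threshold` failures inside `window` and then
    logged in successfully. A success resets the per-address failure history."""
    failures: Dict[str, List[datetime]] = defaultdict(list)
    alerts: Dict[str, Tuple[int, str]] = {}
    for ts, result, user, ip in parse_log(log):
        recent = [t for t in failures[ip] if ts - t <= window]
        if result == "Failed":
            recent.append(ts)
            failures[ip] = recent
        else:
            if len(recent) >= threshold:
                alerts[ip] = (len(recent), user)
            failures[ip] = []
    return alerts


if __name__ == "__main__":
    for ip, (count, user) in detect_bruteforce(SAMPLE_LOG).items():
        print(f"ALERT: {ip} succeeded as {user!r} after {count} failures")
```

Note what the example does not catch: a single failure followed by a success (the normal typo case) produces nothing, and an attacker who spreads attempts across many source addresses would need the same logic keyed on the target account instead of the address.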
Network Segmentation
Dividing your network into sections limits both access to data and an intruder's ability to move laterally once inside. Instead of being one big open area, a segmented network is like a building with multiple rooms, each with its own locked door that requires a key to open it; a compromised workstation in one segment cannot reach the servers or backups in another.
Vulnerability and Penetration Testing
Vulnerability scanning uncovers possible entry points into your network by checking for gaps such as unpatched software, exposed services or weak password management. Penetration testing goes a step further: an authorized tester, using automated tools and manual techniques, actually attempts to gain entry to your IT systems and move through them the way an attacker would, from outside or from inside your network.
Data Backup and Recovery Processes
Secure backup practices include keeping at least one copy in a location segregated from your main network, offline or immutable, so that an intruder who has obtained your administrative credentials cannot delete or encrypt it. How often you back up is set by your recovery point objective (how much data you can afford to lose) and your recovery time objective (how quickly you must be running again). Backups need periodic restore tests to confirm that the process works, that the restored data is intact, and that employees know how to use the backups to get operations restored.
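As an added example (not code from the original article) of what a periodic restore test can check automatically: the script below records a SHA-256 manifest when a backup set is taken, then verifies a restored copy against it and compares the backup's age to the recovery point objective. It detects files that are missing, altered (for instance encrypted by ransomware that reached the backup share) or unexpected. The files, timestamps and the 24-hour RPO are constructed for the example in a temporary directory.

```python
"""Added example, not from the original article: an automated restore check
against a hash manifest plus an RPO age check. All data is constructed."""
import hashlib
import json
import tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path
from typing import Dict, List


def sha256_file(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def write_manifest(backup_dir: Path, taken_at: datetime) -> Path:
    """Run at backup time: record every file's hash and when the set was taken.
    The manifest is stored beside the set, not inside it."""
    files = {str(p.relative_to(backup_dir)): sha256_file(p)
             for p in sorted(backup_dir.rglob("*")) if p.is_file()}
    manifest_path = backup_dir.parent / "manifest.json"
    manifest_path.write_text(json.dumps({"taken_at": taken_at.isoformat(),
                                         "files": files}, indent=2))
    return manifest_path


def verify_restore(restored_dir: Path, manifest_path: Path, now: datetime,
                   rpo: timedelta) -> Dict[str, List[str]]:
    """Compare a restored directory with its manifest. Returns problems grouped
    by kind ('missing', 'modified', 'unexpected', 'rpo'); empty dict = pass."""
    manifest = json.loads(manifest_path.read_text())
    expected: Dict[str, str] = manifest["files"]
    problems: Dict[str, List[str]] = {"missing": [], "modified": [], "unexpected": [], "rpo": []}
    present = {str(p.relative_to(restored_dir)) for p in restored_dir.rglob("*") if p.is_file()}
    for rel, digest in expected.items():
        path = restored_dir / rel
        if not path.is_file():
            problems["missing"].append(rel)
        elif sha256_file(path) != digest:
            problems["modified"].append(rel)
    problems["unexpected"] = sorted(present - set(expected))
    age = now - datetime.fromisoformat(manifest["taken_at"])
    if age > rpo:
        problems["rpo"].append(f"backup is {age} old, RPO is {rpo}")
    return {kind: items for kind, items in problems.items() if items}


def demo(tamper: bool = True, late: bool = True) -> Dict[str, List[str]]:
    """Constructed scenario: take a backup, optionally simulate ransomware
    rewriting one file in it, and verify against a 24-hour RPO."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "backup"
        backup.mkdir()
        (backup / "db.sql").write_bytes(b"CREATE TABLE customers (...);\n")
        (backup / "config.yaml").write_bytes(b"retention_days: 30\n")
        taken = datetime(2024, 3, 1, 2, 0, tzinfo=timezone.utc)
        manifest = write_manifest(backup, taken)
        if tamper:
            (backup / "db.sql").write_bytes(b"\x00encrypted-garbage\x00")
        now = taken + (timedelta(hours=48) if late else timedelta(hours=12))
        return verify_restore(backup, manifest, now, rpo=timedelta(hours=24))


if __name__ == "__main__":
    print(demo() or "restore test passed")
```

The manifest must itself live somewhere the backup's own failure modes cannot reach (a separate, write-once location), or a compromise that rewrites the data can rewrite the hashes too.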
Incident Response Plan
Every cybersecurity strategy needs a plan for responding to a suspected or actual intrusion. The plan isn't just about how IT will stop and clean up the attack; it should also include a communications plan that sets out who needs to be notified (leadership, legal counsel, your insurer, and regulators and affected customers where applicable) and what information will be released. Many cyber policies require prompt notification of the carrier, so the plan should name who makes that call.
Need to Up Your Security Game to Get Cyber Insurance?
If you discover that you're missing some of the cybersecurity layers that insurance carriers are looking for, it's time to up your security game. Remember that investment in cybersecurity lowers your overall business risk, and that's an investment that's good for the future of your business.
Managed Security Services from XPERTECHS
Here at XPERTECHS, we help clients create a cybersecurity strategy that aligns with their risk profile and tolerance. If you're not getting that from your current IT support provider, then it's time to weigh your options.