
How to Get Your Best Deal on Cyber Insurance

[Updated December 2023] There’s good news and bad news in the state of cyber insurance. The bad news is that rates keep increasing. The good news is that the rise in rates is leveling off somewhat, going from an average increase of 133% in December 2021 to 17.1% in December 2022.

What remains the same is that the way to qualify for and get your best rate on cyber insurance is by lowering risk and building resilience. This is a message that resonates with both insurance underwriters and security experts who have long recommended a layered strategy to effectively manage cyber threats.

Being resilient means that an organization’s security strategy isn’t just defensive but includes tactics that guide how it will respond when an intruder is detected and what to do if a data breach occurs. Cyber insurance carriers are specifically looking for their insureds to have a written plan, with multiple policies, procedures and tools in place, that enables them to recover rapidly and continue operations in the event of a cyber-attack.

Following are key components that should be part of that plan. Please note that these are general guidelines; your unique situation will determine your eligibility and rates for cyber insurance.

Security Tactics to Lower Cyber Risk

Policies and Procedures

It might surprise you that we’re not starting our list with a technology tool, but how you document, train and enforce secure behavior is a vital part of your strategy. You probably have some of these policies in your employee handbook already (acceptable use, password and MFA requirements, handling of sensitive data, reporting of suspicious email), and there are no doubt some you need to add.

Cybersecurity Awareness Training

Training that enables employees to recognize and respond to suspected cyber attacks should be ongoing and tailored to each employee’s role, since finance staff, administrators and executives are targeted differently. Regular simulated phishing exercises show whether the training is actually changing behavior.

Intrusion Detection and Response

Intrusion detection and prevention systems (IDS/IPS) inspect network traffic for known attack signatures and anomalous behavior and can block unwanted traffic; many now use machine learning to spot activity that signature rules miss. Endpoint Detection and Response (EDR) does the same job on workstations and servers, recording process, file and network activity so that suspicious behavior can be detected and the machine isolated. Managed Detection and Response (MDR) is not a separate product but a service in which a provider’s analysts operate these tools and respond to alerts around the clock, which is what most small and mid-sized organizations actually need, since an EDR console nobody watches stops nothing. Modern firewalls have intrusion detection and prevention built in.

Firewalls

Firewalls control incoming and outgoing network traffic and can include other sophisticated capabilities such as intrusion detection and prevention. Firewalls should be “hardened” to eliminate potential vulnerabilities: a default-deny rule set that permits only the traffic you need, a management interface reachable only from an internal administrative network (never from the internet), unused services turned off, and firmware kept current, since internet-facing firewall and VPN appliances are themselves a frequent way in.

Systems Hardening

When your IT systems are “hardened” it means that they are configured to a documented secure baseline (the CIS Benchmarks are a common starting point) and that any services, ports, accounts, protocols and features that aren’t being used are disabled or removed. Every feature that is left on is something an intruder can potentially use.

Antivirus and Anti-malware

These technologies have been a mainstay of cyber defense for a long time, but they too have become more sophisticated, moving from matching known malware signatures to detecting malicious behavior. These tools should be deployed across your whole network, including servers and mobile devices, kept updated automatically, and configured so that users can’t switch them off.

Multi-Factor Authentication (MFA)

MFA keeps email and online accounts secure by requiring a second proof of identity in addition to the password (a one-time code from an authenticator app, a push approval, or a hardware security key), so a stolen, reused or guessed password alone is not enough to log in. That is a huge deterrent to intruders who are trying to get to the privileged accounts that have administrative rights. MFA should be required for employees and for any contractors or vendors, and especially for administrative and remote access. For administrators, prefer phishing-resistant methods such as FIDO2 security keys over SMS codes, which can be intercepted or phished.

Secure Remote Access

Any person or IT system that connects to your network remotely should be secured with technologies that provide encryption and authentication, such as a VPN or zero-trust access gateway that requires MFA, and remote management protocols such as RDP should never be exposed directly to the internet. To be effective, employees need to be trained on which practices are acceptable, and those practices must be enforced.

Email Authentication and Spam Filters

Email authentication and spam filters work together to flag and prevent fraudulent emails from getting to users. Authentication uses three DNS-published protocols to determine whether an email really comes from the domain it claims: SPF lists the servers allowed to send mail for a domain, DKIM adds a cryptographic signature that the receiving server verifies, and DMARC ties the two to the visible From: address and tells receivers what to do (deliver, quarantine or reject) when neither check passes. Spam filters add another layer of email defense by running the content and source of the message through a series of rules to decide whether the email is legitimate.
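The following Python example shows how those checks combine on the receiving side. It is an added illustration, not code from this page or from XPERTECHS: it reads the SPF and DKIM results a mail server records in the Authentication-Results header and applies DMARC’s alignment rule to decide whether a message passes or gets the sending domain’s published policy. The headers and domains are constructed samples.

```python
"""DMARC-style verdict from a message's From: header and the receiving server's
Authentication-Results header (RFC 8601 format). Added example; the headers
below are constructed and use reserved .example domains."""
import re
from dataclasses import dataclass
from typing import List


@dataclass
class AuthResult:
    method: str   # "spf" or "dkim"
    result: str   # "pass", "fail", "none", "softfail", ...
    domain: str   # identifier the check was evaluated against


def parse_auth_results(header: str) -> List[AuthResult]:
    """Extract spf=/dkim= clauses. SPF reports the envelope sender (smtp.mailfrom=),
    DKIM the signing domain (header.d=). Simplification: assumes no ';' inside comments."""
    results = []
    for clause in header.split(";")[1:]:            # element 0 is the authserv-id
        m = re.match(r"\s*(spf|dkim)=(\w+)", clause)
        if not m:
            continue
        method, result = m.group(1), m.group(2).lower()
        d = re.search(r"(?:smtp\.mailfrom|header\.d)=([^\s;()]+)", clause)
        domain = d.group(1).split("@")[-1].lower() if d else ""
        results.append(AuthResult(method, result, domain))
    return results


def org_domain(domain: str) -> str:
    """Organizational domain, approximated as the last two labels. Real DMARC code
    consults the Public Suffix List; this assumes no co.uk-style suffixes."""
    return ".".join(domain.lower().split(".")[-2:])


def dmarc_verdict(from_header: str, auth_results: str, policy: str = "reject",
                  strict: bool = False) -> str:
    """DMARC passes only if SPF or DKIM passed AND the domain it passed for aligns with
    the visible From: domain. Otherwise the sender's published policy applies
    (p=none delivers, p=quarantine spam-folders, p=reject bounces).
    strict=True models aspf=s / adkim=s (exact match) instead of relaxed alignment."""
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    if not m:
        return policy                                # nothing usable can ever align
    from_domain = m.group(1).lower()
    for r in parse_auth_results(auth_results):
        if r.result != "pass" or not r.domain:
            continue
        aligned = (r.domain == from_domain) if strict else (org_domain(r.domain) == org_domain(from_domain))
        if aligned:
            return "pass"
    return policy


# Constructed samples. Case 1: SPF passes for the attacker's own bulk-mail domain,
# but the From: claims to be the CEO, so nothing aligns and the message is rejected.
SPOOF_FROM = "CEO <ceo@victim.example>"
SPOOF_AUTH = "mx.victim.example; spf=pass smtp.mailfrom=bounce@bulk.attacker.example; dkim=none"

# Case 2: a third-party mailer fails SPF (its own envelope domain) but the message
# carries a valid DKIM signature from the From: domain, so DMARC passes.
LEGIT_FROM = "Billing <billing@victim.example>"
LEGIT_AUTH = ("mx.victim.example; spf=fail smtp.mailfrom=bounce@mailer.thirdparty.example; "
              "dkim=pass header.d=victim.example header.s=sel1")

# Case 3: signed by a subdomain; passes under relaxed alignment, fails under strict.
SUB_AUTH = "mx.victim.example; spf=none; dkim=pass header.d=mail.victim.example"


if __name__ == "__main__":
    print("spoof  :", dmarc_verdict(SPOOF_FROM, SPOOF_AUTH))
    print("legit  :", dmarc_verdict(LEGIT_FROM, LEGIT_AUTH))
    print("relaxed:", dmarc_verdict(LEGIT_FROM, SUB_AUTH))
    print("strict :", dmarc_verdict(LEGIT_FROM, SUB_AUTH, strict=True))
```

On the sending side this comes down to three DNS records for your own domain: the SPF record listing your mail servers and any third-party senders, the DKIM public key your mail platform signs with, and the DMARC record at `_dmarc.yourdomain` that publishes the policy and a reporting address. Start at p=none to collect reports, then move to quarantine and finally reject once every legitimate mail stream is aligned; a domain stuck at p=none can still be spoofed freely.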

Data Encryption

When data is encrypted, it’s unreadable to anyone who doesn’t have the key to decrypt it. When data is encrypted at rest (on laptops, servers, databases and backups) as well as in transit (TLS for web, email and remote-access traffic), the chance that stolen data can be used for extortion is dramatically lessened. Keep in mind that encryption at rest protects against theft of the storage media, not against an intruder who has taken over an account that is authorized to read the data, so access control and MFA still matter, and the keys must be managed and backed up separately from the data they protect.

Software Updates and Patch Management

Keeping software up to date and patched with the latest vulnerability fixes is a cybersecurity best practice. This pertains to the software that runs all of your security layers (firewalls, VPN appliances, EDR, antivirus, etc.) as well as the operating systems and applications that employees use. Prioritize patches for internet-facing systems and for vulnerabilities that are known to be exploited in the wild, and track what is installed so that nothing is missed.

Network Monitoring and Reporting

Software that keeps a log of all of the activity on your network and endpoints allows your IT team to do forensic analysis of intruder incidents or attempts to access restricted information. Logs should be forwarded to a central, write-protected store (a SIEM or log collector) rather than kept only on the machine that produced them, because intruders routinely clear local logs to cover their tracks, and they should be retained long enough to investigate an intrusion that is discovered months after it began. Reporting means someone actually reviews the alerts those logs generate.
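Logs are only useful if someone, or something, looks at them. The following Python example, added here and not code from this page or its author, runs simple detection logic over a handful of made-up SSH login records to show the kind of pattern a monitoring tool or SIEM rule looks for: many failures from one source, many different usernames from one source, and a successful login right after a burst of failures.

```python
"""Detection logic over constructed auth-log lines: flags brute force (many failures
from one source), password spraying (many different usernames from one source) and a
success that follows a burst of failures. Added example; the log lines imitate
OpenSSH's format but are made up, and the addresses are documentation ranges."""
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Deque, Dict, List, Tuple

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)

# Constructed sample: 203.0.113.7 tries five accounts and then gets in as "backup";
# 198.51.100.9 is a user who mistyped once. The pam_unix line is noise the parser skips.
SAMPLE_LOG = """\
2024-01-15T09:00:01 host1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 5100 ssh2
2024-01-15T09:00:03 host1 sshd[1202]: Failed password for root from 203.0.113.7 port 5101 ssh2
2024-01-15T09:00:05 host1 sshd[1203]: Failed password for invalid user test from 203.0.113.7 port 5102 ssh2
2024-01-15T09:00:07 host1 sshd[1204]: Failed password for invalid user oracle from 203.0.113.7 port 5103 ssh2
2024-01-15T09:00:09 host1 sshd[1205]: Failed password for backup from 203.0.113.7 port 5104 ssh2
2024-01-15T09:00:12 host1 sshd[1206]: Accepted password for backup from 203.0.113.7 port 5105 ssh2
2024-01-15T09:00:12 host1 sshd[1206]: pam_unix(sshd:session): session opened for user backup
2024-01-15T09:01:00 host1 sshd[1300]: Failed password for alice from 198.51.100.9 port 6000 ssh2
2024-01-15T09:01:10 host1 sshd[1301]: Accepted password for alice from 198.51.100.9 port 6001 ssh2
"""

Event = Tuple[datetime, str, str]   # (timestamp, user, outcome)


def detect(lines: List[str], window_s: int = 60, fail_threshold: int = 5,
           spray_threshold: int = 3, success_after: int = 3) -> List[dict]:
    """Slide a per-source time window over the events; emit one alert per (source, kind)."""
    recent: Dict[str, Deque[Event]] = defaultdict(deque)
    alerts: List[dict] = []
    seen = set()

    def raise_alert(ip: str, kind: str, ts: datetime, detail: str) -> None:
        if (ip, kind) not in seen:
            seen.add((ip, kind))
            alerts.append({"ip": ip, "kind": kind, "at": ts.isoformat(), "detail": detail})

    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                                   # not a login event
        ts = datetime.fromisoformat(m["ts"])
        ip, user, outcome = m["ip"], m["user"], m["outcome"]
        q = recent[ip]
        while q and (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()                                # drop events outside the window
        prior_failures = [e for e in q if e[2] == "Failed"]
        if outcome == "Accepted" and len(prior_failures) >= success_after:
            raise_alert(ip, "success_after_failures", ts,
                        f"login as {user} after {len(prior_failures)} failures")
        q.append((ts, user, outcome))
        failures = [e for e in q if e[2] == "Failed"]
        users_tried = {e[1] for e in failures}
        if len(failures) >= fail_threshold:
            raise_alert(ip, "brute_force", ts, f"{len(failures)} failures within {window_s}s")
        if len(users_tried) >= spray_threshold:
            raise_alert(ip, "password_spray", ts, f"{len(users_tried)} distinct usernames")
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

The thresholds are deliberately parameters: tune them per source type, and point the same logic at VPN, Microsoft 365 and web-application logs, because attackers spray whatever is exposed. The operational point is that the events must reach a collector the attacker cannot touch before they are analysed; the `success_after_failures` alert is the one that should page somebody.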

Network Segmentation

Dividing your network into sections is a tactic to limit access to data and lateral movement by intruders. Instead of being one big open area, a segmented network is like having multiple rooms each with their own locked door that requires a key to open it.

Vulnerability and Penetration Testing

Vulnerability scanning is an automated check that uncovers possible entry ways into your network, such as unpatched software, exposed services, default credentials and weak configuration. Penetration testing goes a step further: a skilled tester attempts, mostly by hand, to actually exploit those weaknesses and chain them together to reach sensitive systems, either from the outside (an external test) or from a foothold inside the network (an internal or assumed-breach test). Scan continuously, and pentest at least annually and after major changes; carriers increasingly ask for evidence of both.

Data Backup and Recovery Processes

Secure data backup practices include keeping at least one copy stored in a location that’s segregated from your main network, offline or immutable, so that ransomware that reaches your production systems can’t encrypt or delete the backups too. How often you back up depends on your recovery point objective (how much data you can afford to lose) and recovery time objective (how quickly you must be running again). Your backups need to undergo periodic testing to make sure that the restore process actually works, that the restored data is complete and uncorrupted, and that employees know how to use the backup to get operations restored.
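Here is what a backup restore test can look like in practice. This is an added Python illustration, not code from this page or from XPERTECHS: it backs up a tiny constructed data set with a SHA-256 manifest, restores it into a scratch directory and re-hashes every file, then tampers with one file to show that the test catches silent corruption.

```python
"""Backup with a SHA-256 manifest plus a restore test that proves the copy is intact.
Added example; uses only temporary directories and constructed sample files."""
import hashlib
import json
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List, Tuple


def sha256_file(path: Path) -> str:
    """Stream the file so large backups don't need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def make_backup(src: Path, dest: Path) -> Dict[str, str]:
    """Copy the src tree to dest and write manifest.json mapping relative path -> sha256.
    The hash is taken from the source, so the restore test checks the copy, not itself."""
    dest.mkdir(parents=True, exist_ok=True)
    manifest: Dict[str, str] = {}
    for p in sorted(src.rglob("*")):
        if p.is_file():
            rel = p.relative_to(src).as_posix()
            target = dest / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(p, target)
            manifest[rel] = sha256_file(p)
    (dest / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return manifest


def restore_test(backup: Path) -> List[str]:
    """Restore into a scratch directory and re-hash every file.
    Returns a list of problems; an empty list means the backup is usable."""
    manifest = json.loads((backup / "manifest.json").read_text())
    problems: List[str] = []
    with tempfile.TemporaryDirectory() as scratch:
        scratch_dir = Path(scratch)
        for rel, expected in manifest.items():
            source = backup / rel
            if not source.exists():
                problems.append(f"missing: {rel}")
                continue
            restored = scratch_dir / rel
            restored.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(source, restored)
            if sha256_file(restored) != expected:
                problems.append(f"corrupt: {rel}")
    return problems


def demo() -> Tuple[List[str], List[str]]:
    """Build a tiny constructed data set, back it up, verify, corrupt one file, verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        src, dest = root / "data", root / "backup"
        (src / "db").mkdir(parents=True)
        (src / "db" / "customers.csv").write_text("id,name\n1,Ada\n")
        (src / "notes.txt").write_text("constructed sample data\n")
        make_backup(src, dest)
        clean = restore_test(dest)
        # Simulate bit rot or tampering: same length, one byte changed.
        (dest / "db" / "customers.csv").write_bytes(b"id,name\n1,Adb\n")
        tampered = restore_test(dest)
        return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean backup problems   :", before)
    print("tampered backup problems:", after)
```

An attacker who can write to the backup share can rewrite manifest.json as well, so keep a copy of the manifest (or a signature over it) somewhere the backup host cannot modify, and run the restore test on a schedule rather than only after an incident. The restore time you measure while doing this is your real recovery time objective, whatever the plan says.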

Incident Response Plan

Every cybersecurity strategy needs a plan for how the organization will respond to a suspected or actual intruder incident. The plan isn’t just about how IT will stop and clean up the attack; it should include a communications plan that outlines who needs to be notified (leadership, legal counsel, your cyber insurance carrier, regulators and affected customers) and what information will be released. Most cyber insurance policies require you to notify the carrier promptly and may require you to use their approved incident response and legal firms, so keep those contacts in the plan, and rehearse it with a tabletop exercise rather than reading it for the first time during a breach.

Need to Up Your Security Game to Get Cyber Insurance?

If you discover that you’re missing some of the cybersecurity layers that insurance carriers are looking for, it’s time to up your security game. Remember, that investment in cybersecurity lowers your overall business risk and that’s an investment that’s good for the future of your business.

Managed Security Services from XPERTECHS

Here at XPERTECHS, we help clients create cybersecurity strategy that aligns with their risk profile and tolerance. If you’re not getting that from your current IT support provider, then it’s time to weigh your options.

Contact us to schedule a free consultation.