When an organization or business becomes a victim of a cybersecurity incident, having cybersecurity insurance can help with some of the costs that are associated with recovering from the breach.
Before we look at some of the common cybersecurity measures that are being required by cyber insurance providers, we strongly recommend that you engage with cyber insurance experts. Consulting with experienced and knowledgeable cyber insurance brokers and insurers is key to understanding the requirements.
Let’s look at some of the common cybersecurity measures now being required by cybersecurity insurance underwriters.
Multifactor Authentication (MFA)
This is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. MFA is a core component of identity and access management policies. It adds one more authentication requirement in case of stolen credentials.
Patch Management and Vulnerability Management
Vulnerabilities in applications and software are an open door for cybercriminals. Having a strong patch management strategy and cadence is key to closing these open doors and mitigating risk.
Endpoint Detection and Response (EDR)
This is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. EDR solutions are helpful in protecting and detecting against cyberthreats before they become an incident. Traditional anti-virus products are now considered obsolete.
Email Filtering and Web Security
Email filtering services filtering an organisation’s inbound and outbound email traffic. Inbound email filtering scans messages addressed to users and classifies messages into different categories. These include, but are not limited to: spam, malware, virus, suspicious links, and others. Outbound email filtering uses the same process of scanning messages from users before delivering any potentially harmful messages to other organisations. Web security solutions focus on securing web browsing activities that have the potential of exposing employees to a number of threats, including phishing sites, credential compromise, and malicious downloads. These solutions are important as often, in fact … very often, cyber incidents begin with human error.
Privileged Access Management (PAM)
This is a the combination of tools and technology used to secure, control, and monitor access to an organization’s critical information and resources. Privileged user accounts are serious targets for attack as they usually have high-level permissions, access to confidential information and the ability to change settings. If compromised, a large amount of damage could be done to organizational operations. Having the right tools to protect and manage these accesses is important to the protecting your organization.
Cybersecurity Awareness Training and Testing
Given that over 85% of cyber incidents begin with phishing attacks, the importance of training and testing employees to recognize these threats on a regular basis cannot be overstated.
Secure, encrypted, and tested backups
A business’ ability to operate after an incident is dependent on the quality of their data backup processes. Ensuring that you have 3 different copies of your data, on 2 different media i.e., cloud, external drive with 1 copy offsite and 1 copy that is offline (with no connection to the network) is crucial to the resilience of an organization. Of course, testing the backups to ensure that there are 0 errors after data recovery is a critical part of the data backup best practices mentioned above.
Incident Response Planning and Testing
Having a plan as well as testing it on a regular basis is again critical to the ability of an organization to recover from a worst-case scenario.
These are just a few of the common cybersecurity requirements we have seen. There may be others depending on the cyber insurance underwriter.
As we mentioned above, as the cybersecurity threat landscape changes, so will the cybersecurity measures cyber insurance providers will require. Again, we strongly advise working with a cyber insurance expert to understand the requirements to prepare for requesting or renewing your organization’s cyber insurance policy.
MicroAge works with organizations or all types and sizes to develop the right cybersecurity strategy and put in place the appropriate cybersecurity measures that can help with obtaining or renewing cyber insurance coverage for their organization. Contact us today to see how we can help you.