How Cybersecurity Checklists Keep Cyber Insurance Costs Manageable
The cyber insurance market has experienced dramatic changes over the past couple of years – including large payouts from ransomware attacks and the shift to hybrid/remote work – which has had a substantial impact on premiums. According to Egnyte’s recent Cybersecurity Trends for Mid-Sized Organizations Report, 47% of organizations have experienced premium increases of 76% or more in the past year. As someone who works in cyber insurance each and every day, premium increases have begun to stabilize, but it’s important to be aware of how it has been trending to date.
Egnyte’s Director of Cybersecurity Evangelism Neil Jones and I recently sat down to discuss the current state of cyber insurance and practical steps that organizations like yours can take to keep premiums manageable. Although there is never a one-to-one correlation between cybersecurity hygiene and cyber insurance rates, the cybersecurity checklist below provides you with a good starting point for improving your cyber hygiene.
Cyber insurers are looking for several key elements in the policy renewal process, particularly if there are effective data and risk management strategies in place at the organization. I’ve recapped several best practices below.
Update Your Incident Response Plan
Comprehensive incident response plans are vital for any organization. Only 64% of mid-sized organizations have a formal incident response plan in place. Without an overarching plan, companies are particularly vulnerable to cyberattacks, and recovery from such attacks can take much longer. If you don’t have an incident response plan, it’s important that you get started now and ensure it’s routinely updated. In addition, you should practice your incident response plan before an incident occurs, via tabletop exercises.
Establish Data Governance Controls
By maximizing visibility into and governance of all of your data repositories, you can better understand where your data lives and how it is used. This is especially important in today’s work environment, as data sprawl continues to be a growing concern. The business reality is that if you can’t see your data, then you can’t properly govern it. When it comes to access management processes for large groups, limit access to data on a ‘business need to know’ basis, as that can decrease the attack surface for a potential cyberattacker.
Utilize Multi-Factor Authentication
One of the simplest ways to enhance your cybersecurity defenses is through Multi-Factor Authentication (MFA). According to research from Microsoft, users that enable MFA on their accounts can block up to 99.99% of automated cyberattack attempts. You should require MFA on all remote access requests to your network, network administrator accounts, and user accounts that have elevated permissions. It’s also critical to educate users about “MFA fatigue” attacks.
Leverage Next-Generation Anti-Virus Protection
Despite growing user awareness, a significant proportion of cyberattacks are still initiated by long-standing attack techniques, including virus-laden email attachments, phishing links that direct users to ransomware and malware sites, and malicious software updates. Automated detection and response functionality should be included on all of your endpoints to offer the best protection to your users. On top of that, detected endpoint activity must be monitored and investigated 24/7.
Back Up Your Data on a Regular Basis
While this may be considered a mundane administrative task, backing up your data helps to maximize your company’s data protection. For example, you should disconnect (“air-gap”) data backups from your networks or segregate them with MFA, as well as test them frequently with the goal to restore essential functionality within 24 hours in the event of a widespread ransomware attack across your network. Data backup procedures should be a key component of your incident response plan, and you should explore ransomware recovery technology to recover more quickly.
Implement Email Protection and Network Monitoring Solutions
Email protection and network monitoring are mission-critical for your organization. Pre-screen emails for potentially malicious attachments and links, while strongly considering the replacement of file attachments with user links. By monitoring for suspicious activity or malicious network behavior, you can keep your business one step ahead of a potential cyberattack.
Adopt Phishing Training
While it’s crucial that company-wide cybersecurity awareness training be considered a way of life for all organizations, be sure to incorporate simulated attack scenarios and anti-phishing education into your “defense in depth” toolbox. To be most effective, that training must be conducted on an ongoing basis rather than presented as a once-a-year IT requirement. You should also encourage company stakeholders to speak up if they see potential security issues. Similar to travelers at an airport or a train station, “if they see something, they should say something.”
Maintain Regular System Updates
Some cybersecurity defense measures we use today will likely be obsolete by 2023, as technology evolves. Update your computer systems regularly and perform critical patching of zero-day vulnerabilities as soon as they are released by vendors. And, be careful to utilize official “app stores” for software downloads – particularly for mobile device updates – as malicious software look-alikes abound.
Continue the Education Process
Cyber insurance can be complex to navigate for many organizations. By following the best practices outlined above and continuing to educate yourself on how the process works, you can keep premiums manageable while bolstering your company’s cybersecurity defenses. Be sure to check out our on-demand webinar on the topic to learn more.