The average cost of a U.S. data breach, as reported by IBM Security, is nearly $10 million. As 80% of organizations reported at least one incident in 2022, the importance of addressing this issue can’t be underestimated. Given that October is National Cybersecurity Awareness Month, it’s an opportune time to prioritize the protection of company data, safeguard customer personal information and ensure employee privacy. As underwriters are leveraging cybersecurity practices to evaluate coverage, implement the following controls to bolster your application.
Necessary Cybersecurity Controls to Manage Your Risks
Endpoint Detection & Response (EDR) Solutions
This control continuously monitors security-related threat information to detect and respond to malware. It offers extensive insight into security incidents on various endpoints (e.g., smartphones, desktop computers, laptops, servers, tablets) to prevent digital damage and future cyberattacks. Sophisticated EDR features that can detect, investigate and respond to threats include:
- Incident data search & investigation triage
- Suspicious activity validation
- Threat hunting & detection
- Malicious activity containment
A successful EDR implementation and continuous endpoint data analysis can enhance your company’s network visibility, streamline cybersecurity investigations, leverage automated incident response measures and promote more contextualized threat hunting.
Patch Management
Patch management’s process optimizes security, resolves software flaws and improves performance in operating systems and software. Created by vendors, these updates address key vulnerabilities cybercriminals may exploit. It essentially acquires and deploys software updates across various endpoints.
This process can be employed by your organization’s IT department, automated patch management tools or a combination of both with steps such as:
- Identifying IT assets & their locations
- Evaluating critical systems & vulnerabilities
- Conducting tests & applying patches
- Monitoring progress & maintaining records
Effective patch management maintains your system security, complies with regulatory software standards, leverages system enhancements and functionalities, and decreases downtime. To restrict cyberthreats, it’s important to consistently patch and update software and operating systems. Also establish patch management strategies that prioritize, test and implement software updates.
Network Segmentation & Segregation
This process utilizes switches and routers to break down larger networks into smaller segments. It allows your company to manage and regulate traffic flow between these segments, leading to improved monitoring and control. By enhancing network performance, network segmentation permits your business to pinpoint technical issues and security threats. In contrast, network segregation isolates important networks (e.g., containing sensitive data and resources) from external networks. Your organization can implement additional network security protocols and access restrictions, hindering a cybercriminal’s ability to infiltrate your network.
Network segmentation and segregation enable your company to adopt a granular cybersecurity approach, limiting cybercriminals' ability to gain broad access to IT systems and valuable assets. When implementing these measures, uphold the principle of least privilege to restrict employee access to only networks vital to performing job duties. Ensure optimal infrastructure visibility by separating hosts from networks based on critical business functions.
End-of-Life Software (EOL) Management
Every software product eventually reaches the end of its life, and cybercriminals will exploit this vulnerability. During this time, manufacturers will discontinue product development and services (e.g., technical support, upgrades, bug fixes, security improvements).
Many organizations are reluctant to transition from end-of-life (EOL) software due to resource constraints, inadequate features in alternative software and migration challenges. This is particularly relevant when EOL systems continue to operate effectively. However, utilizing EOL software poses various risks, including:
- Heightened cybersecurity exposures
- Technology incompatibilities
- Reduced system performance
- Higher operating expenses
- Data compliance considerations
A proactive EOL software management approach can avert potential complications and ensure optimal cybersecurity. Specifically, develop comprehensive life cycle management plans for managing software life cycles, such as introducing new software and phasing out unsupported ones. Utilizing device management tools provides simultaneous deployment of software updates, certifications and other essential upgrades across numerous devices. It’s important to carefully review the EOL status of prospective software to avoid future support and replacement plan confusion.
Remote Desk Protocol (RDP) Safeguards
Developed by Microsoft, this protocol offers a digital interface that establishes remote connections with servers and devices. Users can conveniently access and control these servers or devices from anywhere. RDP is an invaluable business tool that empowers remote employees to retrieve files and applications from their organization’s networks. Your IT department also can utilize RDP to diagnose and resolve remote technical difficulties.
It's important to exercise caution as RDP ports are frequently leveraged as a vector for initiating ransomware attacks, especially when exposed to the internet. According to a recent study conducted by Kaspersky, there are an estimated 1.3 million daily cyber incidents using RDP as the primary method of ransomware attacks. Enhance the security of your RDP ports by:
- Deactivating when not in use
- Avoiding internet exposure
- Promoting interface security with a virtual private network (VPN) and multifactor authentication (MFA)
Email Authentication Technology/Sender Policy Framework (SPF)
Most ransomware attacks and social engineering scams begin with deceptive emails to employees. These fraudulent communications claim to be from credible sources, encouraging recipients to open malicious attachments or divulge sensitive information.
Protect your business from email-based threats by enabling email authentication technology. This protocol monitors and evaluates incoming emails based on specific sender verification standards. Your organization can opt for various verification standards (e.g., sender policy framework) that focus on IP addresses and domains.
Email authentication technology enables the validation of emails, allowing them to pass through organizations’ IT infrastructures and into employees’ inboxes. Unauthenticated emails will be flagged in employees’ inboxes or prevented from reaching the inboxes. SPF can filter unauthenticated emails directly into employees’ spam folders.
Secure Data Backups
To effectively safeguard sensitive information and data from cyberthreats, your company should prioritize regular and secure backups. This process is crucial for assessing and choosing secure storage options, such as:
- Cloud-based applications
- Onsite hard drives
- External data centers
Well-defined backup schedules and data recovery procedures will facilitate prompt restoration amid potential cyber incidents.
Multifactor Authentication (MFA)
While utilizing complex passwords can deter cybercriminals, it’s possible for them to be compromised. Multifactor authentication (MFA) is an effective measure to prevent unauthorized access to employees' accounts and mitigate potential attacks. This comprehensive method for safeguarding data and applications requires users to provide a combination of two or more credentials (e.g., password, phone number, security code) to verify their identities.
This protocol offers an additional layer of security, making it more difficult for cybercriminals, even with users’ passwords, to gain unauthorized access to accounts. Your organization should enable MFA for remote network access, administrative functions and enterprise-level cloud applications within its network.
Employee Training
Employees are widely recognized as the first line of defense against cyber incidents. A single employee mistake can potentially compromise and cause significant damage to an entire workplace system. Given this, it’s crucial to offer employees cybersecurity training that centers around enabling employees to effectively identify and respond to common cyberthreats. Additionally, it’s also important to include training on specific cybersecurity policies and methods to report suspicious activities.
We’re Here to Help Prevent Cyberattacks
In the current evolving digital risk landscape, it’s vital to prioritize cybersecurity to mitigate exposures. By leveraging effective cybersecurity controls, your organization can safeguard its operations against various losses and reduce the likelihood of related insurance claims. Additionally, documenting these measures demonstrates a commitment to cybersecurity to insurance carriers, potentially increasing their ability to obtain coverage. Connect with a member of our team for additional cyber risk management guidance.