As hackers continue to find new ways to invade your network, carriers will rely on prevention efforts when evaluating your cyber application. Underwriters are tightening availability, and insureds must prove protection efforts for any cyber liability insurance consideration. Prepare your organization for a successful cyber application process with these recommended controls.
1. Close Unused Remote Desktop Protocol (RDP) Ports
Remote work influenced RDP and Server Message Block (SMB) as increasingly useful business tools. Employees can retrieve files and applications stored on your organization’s network while working remotely. Additionally, your IT department can remotely identify and fix an employee’s technical problems.
Open RDP ports can leave your organization with unnecessary vulnerability. Experts suggest you close all unutilized RDP ports and protect all other ports with virtual private network and multifactor authentication (MFA). Your organization should also refrain from opening RDP or SMB ports outside your network.
2. Use Multifactor Authentication (MFA)
Most cyber carriers will refuse coverage unless MFA has been fully implemented across your enterprise. This method involves users only gaining access to a resource (e.g., applications, online accounts, VPNs) by providing two or more verification factors. Approved users are sent an email, text or biometric check (e.g., face recognition, fingerprint scan) before logging in.
3. Have a Data Management Strategy
Your cyber underwriter will verify your organization’s data storage and segregation. Data record distribution should occur across numerous servers. In the event one server is attacked, some of your data will be protected. This strategy will prevent your business from a catastrophic loss. Preferably, store data via a cloud service and verify their access controls and vendor security checks.
4. Run Endpoint Detection & Response (EDR)
Cyber underwriters will verify your organization uses EDR tools to continuously monitor end-user devices to detect and respond to cyber threats (e.g. malware, ransomware, advanced persistent dangers). These security solutions record all endpoint and workload activities. Security teams can uncover normally invisible incidents, such as:
- Host connections to internal & external addresses
- Remote & direct user account access
- ASP key, executable & administrative tool alterations
- Process executions
- Network activity details
- Archived files
- Removable media usage
5. Segregate Backup Data from Main Network
Archive all record and server backups separately. Storing this data on your primary network leaves your system unprotected if compromised. Underwriters will require proof your data storage is separate from your main server and preferably offline and offsite. This action will allow your business to recover quickly from a ransomware attack.
6. Make Risk Management a Priority
A favorable review from underwriters will require your organization and leadership to prioritize risk prevention. They’ll be looking for official cyber risk management policies and procedures. We recommend designating an employee to oversee this information, its communication and storage.
7. Annual Training
Employees must be aware of cyber security vulnerabilities and have the knowledge to protect company data. Underwriters will look for examples your organization is offering staff with regular training on subjects, including:
- Software updates
- Safe internet browsing
- Secure passwords
- Software installation
- Social media
8. Refuse End-Of-Life Operating Systems
End-of-point refers to when vendors designate an end-of-life date for their operating system. This timeline determines when all official support (e.g., security vulnerability fixes) stops. Operating systems beyond this date provides numerous opportunities for cybercriminals. Without support, your business has no patch available to protect against hackers. End-of-life operating systems can place your organization at risk of negligence claims from a breach. Additionally, businesses within regulated industries could suffer major fines or shutdowns for operating an end-of-life operating system.
9. Gap Backups
Your commitment to cyber protection should always include scheduling reoccurring data backups and security for archived information. A gap backup is a technique for storage and recovery of your data. Copies of sensitive data are maintained through an infrastructure that is inaccessible from any external connection. Its physical distance makes it impossible for hackers to remotely access. A gap backup is recommended as it’s difficult for cyber attackers to access, can limit malware’s spread and improves cyberattack recovery.
10. Business Continuity Plan (BCP)
Underwriters will look for your cyber prevention and recovery strategies. Your BCP should include data protection details and strategies to quickly recover operations following a disaster. As cyberattacks are a prevailing reason for operation stoppage, the goal is to minimize downtime. A solid BCP will include:
- An analysis of your business’ critical functions and risk assessment
- Potential recovery strategies
- Solutions to maintain operations
- Testing procedure readiness
- Routine maintenance
We’re Here to Help With Your Cyber Insurance Renewal
Heightened cyber risks driven by the growth of ransomware attacks have led to a hardening of the cyber insurance marketplace. With demand for cyber-focused services on the rise, insureds must find ways to double down on their risk management efforts. Utilizing these recommendations can help not only protect your organization from cyberattacks but also assist in your application process to appear favorably to underwriters. If you have questions about these steps or additional mitigation strategies, connect with a
member of our team.