Implementation of Multi-Factor Authentication (MFA) is, for most carriers, the most important requirement. And it’s no longer sufficient to just add MFA to email. MFA is required for all external network connectivity, such as VPNs, Remote Desktop, and virtual and application gateways. Internal administrative access to Active Directory, servers, firewalls, routers, and network equipment will also be required to have MFA.
Carriers now demand Endpoint Detection and Response (EDR), which goes far beyond typical antivirus. EDR is real-time, continuous collection and monitoring of endpoint data, watched around the clock. Carriers now require a formal, documented incident response plan paired with EDR. The carrier wants evidence not only that you will detect an incident, but that you also have a plan to respond to it.
Employee training is a high priority for carriers. You may have the best network security, but the reality is that humans are the weak link. Businesses would do well to put more emphasis and effort on security awareness and training. Any training that ensures employees can identify threats such as phishing, and respond appropriately, is worth your while.
A strong backup methodology and a tested, functional Disaster Recovery Plan round out the increased requirements. Businesses would be wise to ensure they have multiple backup strategies including an off-site air-gapped copy of their data. “Air-gapped” means that a copy of your data is offline, disconnected and inaccessible from the internet. Making sure that your backups can be restored is critical.
Widespread implementation of MFA and EDR, combined with a formal incident response plan, thorough employee training and a robust backup plan, is what businesses can do to best position themselves to obtain or renew cyber insurance. These are also best practices businesses should follow not only to get the best rates, but to protect themselves from having to use their cyber insurance policy in the first place.