By Amos Aesoph, Xigent CISO
Three years ago, the average cyber security insurance claim was less than $10,000. Last year, the typical claim paid out as much as $5 million.1 It’s no surprise that insurers are digging into the details of your security plan.
Your insurability, premiums, and most critically–possible payouts–depend on the protections you’ve put in place. We asked one of the leading insurance providers what you need to have in place to get good coverage, at a reasonable cost, to ensure that if you have an incident you’ll actually receive the payout you’re entitled to.
Here are the protections they require:
- Create and consistently test your incident response plan. Think out—and document—a plan for how you’ll identify, respond, and recover from a cyber security incident. Don’t leave it sitting on a shelf, but regularly test it to make sure it works.
- Add true immutability to your backups. Your backup data needs to be encrypted and stored in an air-gapped environment, physically isolated from your network. Eliminate the possibility of accidental or purposeful deletion by hackers—or members of your own team.
- Require multi-factor authentication (MFA) for ALL users. Everyone in your organization should use this critical security control, requiring a secure token for email, VPN, and critical system access.
- Train your team to identify threats. Employee training with simulated phishing attacks can make your employees your first line of defense and develop a strong cyber security culture.
- Block remote access ports at the firewall or network gateway. Eliminate remote desktop access from the public internet to your internal network. Instead require a VPN, remote access gateway, or network filtering device.
- Remove end-of-life or end-of-support devices and software. Cybercriminals target legacy systems because they know that security patches are no longer being addressed.
- Add advanced endpoint detection and response (EDR) controls. EDR solutions use machine learning to identify and block ransomware and malware on your endpoints and servers, using technology to mitigate threats that haven’t even been identified yet.
- Enable systems, software, and perimeter devices to log security event data. Take the time to configure the capability to generate logs and send them to a centralized platform or SIEM solution so you can identify the threat and analyze what happened.
- Develop a patch management program that addresses security vulnerabilities. A mature patch management program can identify risks and exposures based on the average time to patch, helping your team make critical decisions.
- Deploy a password manager. Employees are less likely to use weak passwords when they can generate and save strong unique passwords. Password managers often also provide an extra level of MFA security for access.
- Limit employees to only the systems and applications they need. “Least privilege access” lessens your exposure to hacking, as your employees only have access to the things directly related to their day-to-day responsibilities.
What does this mean for your IT team?
The insurance companies realize that the best security programs have multiple layers of security protections. If this seems like a lot for your IT team to handle, you’re right. It is. Xigent can help you assess your program and put in place the controls and safeguards you need to maintain effective, affordable cyber security insurance and keep your business running.
1 Insurance Business Magazine
Get a Security Assessment