Getting Prepared for Cyber Liability Insurance in 2022

Sadly, we live in a world where cyberattacks and data breaches are happening at a seemingly exponential rate. Hardly a week goes by without a high-profile attack or accidental data leak on one of the world's most known or loved brands. 2020 saw the likes of Microsoft, MGM Resorts, Facebook, Twitter, Zoom, and Nintendo fall victim to data breaches. The situation was so dire in 2020 that in a world rocked by a public health crisis, the IT world dubbed it "the year of the digital pandemic."

However, corporate giants aren't the only targets of cybercriminals. Many small and medium-sized businesses mistakenly think they aren't a big or lucrative enough target for hackers, but this simply isn't true. While large companies offer large rewards, they also have more stringent cybersecurity defenses. By contrast, SMBs often have weaker defenses or are otherwise ill-prepared for a cyber-attack. In other words, bad actors have a higher success rate targeting smaller companies than their larger peers.

Luckily, SMBs aren't powerless in this fight. Small and medium-sized businesses are increasingly taking proactive steps towards safeguarding their IT systems, and one such step is acquiring cyber liability insurance.

However, many companies are now being notified that their cyber liability coverage is being dropped. With the rise of ransomware attacks and extortionately high ransom fees over recent years, insurance providers are now requiring new advanced security measures to mitigate the increased financial risk. That's what we're going to be diving into today.

The Cost of a Cyber Attack

Cyber-attacks can be extremely costly for small businesses, both in terms of financial loss and reputational harm. For example, a study by IBM found that the average cost of a data breach for a company with under 500 employees is $2.98 million. This price tag is higher than the $2.63 million for companies with 500-1000 employees.

 Reputation can also be hit hard. Both customers and vendors are often wary of doing business with companies with a poor track record of protecting data.

Why Are More SMBs Investing in Cyber Liability Insurance?

Cyber liability insurance offers companies numerous protections from threats in the digital age. While businesses are responsible for their own cyber security, cyber liability insurance provides critical support in the event of an attack.

 For example, suppose a company is hit with a ransomware attack or data breach. In that case, most policies will cover financial and reputational losses resulting from damaged or corrupted IT systems or exposed data. It also typically covers the cost of investigating the attack, restoring electronic systems, and recovering lost data.

The Four Advanced Security Items You Need Today

Many organizations are looking to invest in cyber liability insurance for the first time or are coming up to their renewal date but fall short of the new requirements for coverage. Today, it's increasingly common for providers to require four advanced security items as well as patch management, backups, and antivirus solutions that help mitigate attacks such as breaches, thefts, extortion, and ransomware. Let's look at the four advanced security items.

1. Multi-factor Authentication (MFA) for Email, VPN, Network Access, and Application

Multi-factor authentication ensures that only the right people have access to IT systems. It does this by requiring a multi-step verification so that if one layer of protection is compromised, the account remains secure. So, for example, a cybercriminal who manages to gain a username and password through a phishing attack would be unable to gain access if MFA was in place.

 There are many different types of MFA:
  • Knowledge (something you know) - This includes passwords, PINs, secret answers, and so on. It relies on memory recall.
  • Possession (something you have) - Hardware keys, smart cards, smartphones (SMS verification), token devices, and USB drives.
  • Heritage (something you are) - These are unique personal identifiers like fingerprints, iris scans, face ID, voice verification,
  • Location - The user's physical location.
  • Time - The user is given a time-based window to complete authentication. A typical example is time-based one-time passwords (TOTP).
2. Email Security, Encryption, and End User Education

Email presents a huge cybersecurity risk to organizations. This is because almost everyone uses it, and it provides a direct line of communication for attackers. But of course, it's also vital for any thriving and efficient business.

Robust email security means investing in cyber security tools like antivirus software, anti-spam filters, archiving, and encryption. Email encryption ensures that bad actors can't intercept emails that potentially contain sensitive business data. In fact, today, most email servers can't read end-to-end encrypted emails.

Educating users on the common threats they may encounter while using email is also paramount. Why? One study found that 91% of cyberattacks start with email.

3. Endpoint Detection and Response (EDR)

EDR, sometimes also called Endpoint Threat Detection and Response (ETDR), is a security solution designed to detect suspicious system behavior, block malicious activity, and provide contextual information. It combines real-time monitoring and endpoint collecting and recording with various data analytics techniques to achieve these goals. Essentially, EDR solutions help detect security incidents and contain those incidents at the endpoint. They also play a critical role in investigating and remediating incidents.

Many cyber liability insurance providers are now requiring organizations to have an EDR system in place if they want coverage.

4. Application Whitelisting and Permission Controls

Application whitelisting is a type of endpoint security aimed at preventing malicious software from running on the IT network. Put simply, the organization permits specific applications to run on a user's machine; these are known as whitelisted applications. Any programs not whitelisted are automatically blocked. In other words, denying applications from executing is the default.

Application whitelisting along with stringent permission controls can help protect IT systems from cyber-attacks. Typically, once a hacker breaks the security perimeter, their next goal is privilege escalation. For example, they might gain access to an account with low-level permissions. From here, they'll want to obtain more permissions, say, admin permissions, so they can access sensitive files or execute malicious programs. The more access controls an organization has in place, the more challenging privilege escalation is.

Next Steps

If you're ready to purchase cyber liability insurance but are worried you fall short of the current requirements, don't fear - we can help you get prepared. Lammtech offers a range of robust cyber security solutions, including email security and encryption, network security, IP surveillance, and much more. Don’t wait until it’s too late to learn you're not eligible for coverage and take control today!

About the Author: