Cyber Insurance Checklist: 12 Essential Security Controls

Sharp increases in ransomware and other malicious cyberattacks are leading more companies to consider purchasing cyber insurance. However, the same market forces are making it more difficult to acquire such protection.

What is Cyber Insurance?

Cybersecurity insurance is a type of general policy that covers organisations and individuals against internet-related risks and liabilities. Cybersecurity liability coverage is usually divided into two categories: first-party and third-party. Direct damages to an organisation or individual are covered by first-party coverage, whereas claims and legal action initiated by customers and partners are covered by third-party coverage.

Forced to pay out larger and more frequent claims, insurers are hiking premiums while also being more selective about who they will cover. Underwriters now commonly require organizations to document their cybersecurity practices in order to qualify for coverage.

So, what are the 12 Essential Security Controls?

1. Multifactor authentication.

Ransomware and other attacks frequently exploit weak or stolen passwords to infiltrate systems. MFA reduces the risk by requiring a combination of verification factors such as a password or PIN along with a security token, mobile app or a biometric identifier. It’s almost impossible to get cyber insurance without MFA.


2. Endpoint detection and response.

Endpoint devices such as laptops, tablets and mobile phones are enticing targets because they provide a direct route into corporate networks. Unlike traditional signature-based threat detection tools, EDR solutions use machine learning (ML) and continuous monitoring to identify stealthy threats that lack the usual signs of an infection.


3. Secure backups.

Many ransomware attacks now target backup data to prevent recovery. Immutable backups that cannot be encrypted, deleted or otherwise modified ensure you have an untouched version of data that is always recoverable. For additional protection, the immutable backup should be isolated from local systems.


4. Network access controls.

Enforce least-privilege access principles to ensure users are limited to only the data and systems access necessary for their jobs. Identity and access management (IAM) and privileged access management (PAM) solutions deliver strong access controls. IAM solutions provide a framework for verifying user identities, while PAM delivers more control over privileged identities and activities.


5. Filter content.

Content-filtering solutions scan web applications, identify malware signatures, and examine text and email messages to protect against data leakage.


6. Patch management.

A consistent approach to patching and updating software and operating systems helps limit exposure to ransomware and other exploits. A patch management plan should include a framework for prioritizing, testing and deploying patches.


7. Incident response planning.

A formal incident response plan should outline specific procedures for detecting, responding to and recovering from a cyberattack. The plan should describe technical requirements for containing and eradicating threats as well as business requirements for maintaining operations.


8. Cybersecurity awareness training.

Regular security awareness training promotes general security best practices and an understanding of social engineering and phishing techniques. Users who can spot the telltale signs of an attack can preemptively thwart many attacks.


9. Secure remote access.

Remote Desktop Protocol (RDP) enables users to access company resources from a home PC over an Internet connection, but it has known vulnerabilities. Apply encryption, MFA and other security features to mitigate the risk. In addition, block all remote access ports at the firewall or network gateway unless there is a valid business reason for having them open.


10. Monitor event logs.

Enable security event logging for all systems, software and endpoint devices, and actively review and analyze those logs to detect attacks and launch countermeasures.
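As an added example that is not part of the original article, the following Python detector ties items 9 and 10 together: it runs over constructed Windows Security log records, flags bursts of failed Remote Desktop logons (Event ID 4625 with LogonType 10) per source IP, and then reports any successful RDP logon (Event ID 4624, LogonType 10) from a source already flagged. The event IDs and logon type are real Windows values; the timestamps, account names and IP addresses are constructed samples.

```python
# Added example, not from the original article: a minimal detector run over
# constructed Windows Security log records to flag password-guessing bursts
# against RDP (Event ID 4625, LogonType 10) and a success that follows one.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: (timestamp, event_id, logon_type, account, source_ip).
# 203.0.113.7 fails six times in under three minutes and then succeeds;
# 198.51.100.5 is a user who mistyped a password twice; the LogonType 3
# failure is a network logon, not RDP, and must not count.
SAMPLE_EVENTS = [
    ("2024-05-01T02:00:01", 4625, 10, "admin", "203.0.113.7"),
    ("2024-05-01T02:00:31", 4625, 10, "admin", "203.0.113.7"),
    ("2024-05-01T02:01:02", 4625, 10, "administrator", "203.0.113.7"),
    ("2024-05-01T02:01:33", 4625, 10, "backup", "203.0.113.7"),
    ("2024-05-01T02:02:04", 4625, 10, "jsmith", "203.0.113.7"),
    ("2024-05-01T02:02:35", 4625, 10, "jsmith", "203.0.113.7"),
    ("2024-05-01T02:03:10", 4624, 10, "jsmith", "203.0.113.7"),
    ("2024-05-01T08:15:00", 4625, 10, "mlee", "198.51.100.5"),
    ("2024-05-01T08:15:20", 4625, 10, "mlee", "198.51.100.5"),
    ("2024-05-01T08:15:40", 4624, 10, "mlee", "198.51.100.5"),
    ("2024-05-01T09:00:00", 4625, 3, "svc_sql", "10.0.0.12"),
]


def failed_rdp_bursts(events, threshold=5, window=timedelta(minutes=5)):
    """Map source IP -> largest number of failed RDP logons seen inside `window`,
    only for IPs that reach `threshold`. Sliding window over sorted timestamps."""
    by_ip = defaultdict(list)
    for ts, event_id, logon_type, _account, ip in events:
        if event_id == 4625 and logon_type == 10:
            by_ip[ip].append(datetime.fromisoformat(ts))
    alerts = {}
    for ip, times in by_ip.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # drop failures older than the window
                start += 1
            count = end - start + 1
            if count >= threshold:
                alerts[ip] = max(alerts.get(ip, 0), count)
    return alerts


def success_after_burst(events, bursts):
    """(account, source_ip) pairs where a successful RDP logon (4624, LogonType 10)
    came from a source IP already flagged by failed_rdp_bursts: review these first."""
    return [(account, ip) for _ts, event_id, logon_type, account, ip in events
            if event_id == 4624 and logon_type == 10 and ip in bursts]
```

Running `failed_rdp_bursts(SAMPLE_EVENTS)` flags only 203.0.113.7, and `success_after_burst` then surfaces the jsmith logon from that address as the record to investigate.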


11. Replace end-of-life systems.

Hackers commonly target applications and systems that have reached end of support or end of life because they know security issues are no longer being addressed. Companies with outdated systems and no plan for upgrades are viewed as poor risks by most insurance underwriters.


12. Manage supply chain risk.

Supply chain attacks allow cybercriminals to distribute malware to mass numbers of victims simultaneously. Organizations should evaluate their suppliers’ security practices and incorporate specific security requirements into their contracts.


You can reach out to the author Nilesh Roy at:

Email: [email protected]

Mobile, WhatsApp & Telegram: +919820094678

Website: https://www.nileshroy.com
