- / Blog
- / Cyber Update August 2022
Cyber Update August 2022
The cyber insurance market experienced significant adjustment in the last 12 months and many insurers expect things to worsen in the coming 12 months. We have seen a reduction in the number of insurers offering this class and those that remain have become significantly more conservative in their underwriting approach.
Some of the remediation we are seeing from insurers are premium increases ranging from 20% to 50%, higher excesses, lower limits, reduced coverage, onerous endorsements, higher cyber/IT security requirements for policyholders and longer applications.
Cyber criminals are becoming more sophisticated, and many breaches are from well-run criminal organisations operating throughout the world, with access to educated hackers and the very latest in malicious software. Cyber criminals appear to be moving away from attacks on larger organisations that may result in greater scrutiny from national governments and are instead focusing on SME companies as their main targets.
The two greatest areas of concern are financial fraud, where policy holders are convinced to pay a fake invoice or transfer money to the wrong account. The other being ransom claims where criminals gain access to the company’s system, lock it down and prevent access. The criminals then request a ransom payment before unencrypting the system. Criminals also threaten the release of sensitive company data to encourage the payment of the ramson. Insurers are advising that ransom claims have increased by over 100% in the last 12 months.
As a result of this increased activity Insurers now have higher cyber security expectation for policyholders moving forward. Insurers expect businesses to have several IT security measures in place before getting insurance, especially in high-risk industries. Improved security protocols may help keep the considerable premium increases down.
Below are some cyber security protocols insurers are looking for. Having these protocols activated before the renewal process will mean the security position of the business is healthier and should assist in negotiating a better outcome.
Cyber security Protocols
Some simple cyber security protocols which can minimise the risk of an attack are:
- Enable multi-factor authentication
- Apply least privilege access
- Keep software up to date
- Use anti-virus software
- Protecting data
- Staff training
These are protocols are relatively inexpensive and quick to implement and below is a plain English explanation of each.
Multi-factor authentication (MFA) makes it harder for attackers to use stolen or phished credentials. Without the additional factor, attackers can’t access accounts or protected resources. Enable MFA for all remote access to the network and MFA for all privileged user accounts such as IT, finance, and Directors. Ensure people understand not to approve an MFA request unless they were trying to log in or access a system. Some people automatically click to approve any pop-ups they receive.
Least privilege access
Prevent attackers from spreading across your network by applying least privilege access principles, which limit user access to just in time (JIT) and just enough access (JEA). JIT/JEA systems ensure users get only the access rights needed to perform specific tasks and only for as long as needed to complete them. Combine that with policies that deny access to resources if there is any doubt over the hygiene of an account or device.
Keep up to date
Keep applications up to date and correctly configured to mitigate against the risk of software vulnerabilities. Implement a means of updating all software and applications on all machines and endpoints so you always have the latest updates and patches. Restrict devices missing critical patches from accessing sensitive resources. Same applies for cloud services – use cloud security posture management to ensure systems are configured correctly.
Anti-virus software and email filtering
Install and enable anti-virus solutions on endpoints and all devices to stop malware attacks from executing. Use cloud-connected anti-virus services for the most current and accurate detection capabilities. Email filtering software to scan and filter all inbound and outbound messages for spam and malicious content.
Protect your data
Know where your sensitive data is stored and who can access it. If a breach occurs, it’s critical that security teams know where the most sensitive data is stored and accessed. As we increasingly collaborate and share data, we must ensure we understand what data we have, classify it accurately, and apply sensitivity labels where appropriate. That enables us to use information protection and data loss prevention technologies to protect data with greater confidence.
The most sophisticated systems can be breached by an employee clicking on a malicious link in an email or actioning an impersonators request. Training at all levels of the business, from the most junior staff member to the directors should be an ongoing part of the company’s learning and development program. There is so much free content online that can be shared with staff.
Even thought a building may have sprinklers, smoke alarms, fire extinguishers, fire hoses, fire doors etc, a fire can still occur, and insurance is required to protect the building as part of the overall risk management strategy. Cyber risk is no different, we recommend having as much cyber security as you can afford and to compliment that security with cyber insurance. The experts say a cyber breach is not a matter of if an attack will occur on your business, but rather when it will occur. Speak to an Adroit specialist for more information and for a cyber insurance quotation.