In recent years, the rising cost of cyber insurance premiums has become a major concern for enterprises of all sizes. This rate environment has been driven, in part, by the drastic increase in cyberattack claims globally. In fact, S&P Global analysts recorded a staggering 232% increase in ransomware claims from 2019 to 2021. Due to the interconnected nature of cyberattacks, cyber insurers are even reevaluating what gets covered-such as social engineering campaigns or state-sponsored attacks to ensure that they can sustain systemic risks.
Given these market conditions, improving cybersecurity practices is essential for organizations to better manage costs. For example, better cyber hygiene and continuous monitoring can reduce the likelihood of a claim and help companies obtain insurance coverage at more affordable rates. The following are six cybersecurity best practices that can help organizations get started on hardening their networks:
Multi-factor authentication (MFA) and two-factor authentication (2FA) have gained widespread adoption over the past few years as companies increasingly require it for both employees and users. MFA is one of the simplest measures to implement for an organization to verify whether a user logging into the network is really who they say they are. Attackers are always looking for ways to bypass security measures or use social engineering tactics like spamming push notifications to a user’s device to get into the network. This is why organizations should enforce MFA for all externally accessible login portals and for any sensitive internal applications.
Attacks that breach a company’s data, encrypt important files or threaten to leak sensitive information can severely disrupt business operations, leading to major financial and reputational costs. According to research from IBM, the global average cost of a data breach in 2022 was $4.35 million, and in the United States, the average was more than double that at $9.44 million. It is critical to have backups and external record storage to use in the event of an attack. This also demonstrates to insurers that the costs can be kept down with this ability to quickly get back up and running. In particular, backup and external storage solutions can help with getting operations restored, decreasing the likelihood of intellectual property loss and ensuring valuable records are secure.
Companies are also increasingly using cloud-based services as a way to maintain a copy of their networks in case of a cyberattack that stalls operations.
It is critical for organizations to be able to demonstrate the consistent use of identity and access management (IAM) systems. Wherever employees or other seemingly authorized users access the network, IAM helps to monitor for potential unusual or malicious activity. This is important because attackers can dwell in victim networks for weeks at a time without being caught. When left unattended, threat actors can command a breached account to infiltrate a company’s networks and deploy ransomware,steal files, install cryptominers or prepare for a future attack. IAM can help reduce the likelihood of these attacks by providing an early warning of suspicious activity.
An important part of crisis response is proactively engaging with outside support. Outside legal experts and experienced general counsel can work with forensic responders after an attack occurs to find out what legal liabilities and risks can come from the event. Incident responders can assist an organization’s security team to identify the threat actor and provide recommendations on how to stay safe in the future. Keeping incident response and legal expertise on retainer can save money when an incident occurs. To help ensure coverage for associated expenses, these experts should be approved in advance by the cyber insurance provider.
Tabletop exercises help prepare security teams to handle whatever attackers throw at them. They also prepare executive teams to manage, lead and communicate during a crisis, ultimately helping to reduce losses and mitigate reputation risk. The objective of tabletop exercises is not to lecture on the intricate tactics, techniques and procedures of threat actors, but to practice responding to an attack. Government agencies like the Cybersecurity and Infrastructure Security Agency (CISA) offer sample tabletop exercises for organizations. For those that want something more tailored to their specific circumstances, private sector service providers can also help develop relevant, realistic scenarios. If security teams and executives can demonstrate their understanding of cyber crisis response procedures as part of the cyber insurance application process, this can help secure more favorable coverage terms or rates.
A zero trust security framework mandates that trust-in users, networks and devices must be established via multiple mechanisms and continuously verified before access is granted to data and resources. This limits unauthorized access in the environment, allowing organizations to significantly reduce risk from compromised accounts. According to estimates from IBM, organizations that maintain a zero trust framework can save an average of $1 million in breach costs compared to those that do not. Adoption is rising, and 36% of CISOs surveyed by PwC said they had already started implementing components of a zero trust framework.
This article was written by Karen Kukoda and Monica Shokrai from Risk Management and was legally licensed through the Industry Dive Content Marketplace. Please direct all licensing questions to [email protected]