As cyber-attacks continue to increase, Cyber Insurance is becoming more important and more costly – for both insureds and their insurers. To cut their own losses, insurance underwriters are looking for companies that have taken more than the basic steps to protect themselves from a cyber attack. And taking steps to mitigate cyber exposures not only benefits Cyber Insurance underwriters, it also benefits your company with lower premiums, better coverages and less chance of having a cyber risk-related loss.
Some of the suggested cyber mitigation steps are highly technical and may vary depending on your industry. The IT firm SHI (here) listed some general steps your company should take to reduce the risk of falling victim to a cyber attack. In the process, it will make your company a better prospect for underwriters. Those steps include:
Be ready for review
Increasingly, Cyber Insurance policies are contingent on tools insurers use to scan your company’s IT systems for vulnerabilities hackers can exploit. It may be worth it to do such a test internally before applying for insurance. If any problems crop up, you can address them before your underwriter finds them.
Update, patch and do it all again
Underwriters want to know that your company is consistently using the latest versions of hardware and software. Doing so ensures you are using products and services still supported by the manufacturer – all of which helps keep your cyber security up to date.
Use Multi-Factor Authentication (MFA) wherever feasible
MFA is a must-have security tool and a requirement for most cyber underwriters. Your company should be using it on any remote access to networks and systems, as well as general access to email and any sensitive data.
Have a plan to respond to incidents
Insurers want to know that if the worst does happen, your employees know how to identify the problem and mitigate the damage.
Train
In addition, employee cyber security awareness training can be an important part of any cyber security plan. Employee vulnerabilities are a major criminal attack vector, so preparing your employees to recognize and neutralize social engineering attacks and human error can reduce cyber exposures.
Try our online Cyber Insurance Quoting Portal for same day quotes. We look forward to working with you!