Increasing Cyber Liability Coverage Requirements
As you may be aware, businesses and families have suffered from a surge of devastating cyber attacks and data breaches especially in the past two years. As a result, we are seeing the insurance industry respond to the increase in claims and demand for cyber coverage by adding specific IT and Network security requirements for coverage eligibility. We want to help you prepare your systems accordingly to preserve the availability of adequate cyber liability coverage for your business.
Please reach out to your IT team to discuss if your infrastructure includes the following most common network security requirements:
- Multi-factor authentication (MFA) to secure all remote access to the network, including any remote desktop protocol connections. MFA configuration should ensure that the compromise of a single device will only compromise a single authenticator.
- Multi-factor authentication (MFA) for all email access through a web application or non-corporate device.
- Multi-factor authentication (MFA) to secure all local and remote access to privileged user accounts.
- An Endpoint Detection and Response (EDR) tool that includes centralized monitoring and logging of all endpoint activity across the enterprise. EDR should be deployed across all endpoints.
- A backup approach with all of the following characteristics:
- Kept in a dedicated cloud service protected by MFA or kept in a cloud-syncing service protected by MFA
- Runs daily
- Has been tested in the last 6 months
- Can be used to restore essential network functions within three days of a widespread malware or ransomware attack
We encourage you to consider implementing these security controls if you do not already have them in place. Non-implementation could result in a non-renewal or material change in your premium and/or coverage.
Please contact Dyste Williams to discussion your options.