Top 10 list for cyber loss prevention

By Simon Milner, Account Executive


Most malicious and even accidental cyber claims could have been prevented by a few simple loss-prevention measures. Many of these require no additional software or advanced IT skills, and highlighting these precautionary steps to underwriters helps them to immediately identify potential insureds as well-managed risks. That’s a powerful advantage when buying cover in the current very hard cyber market.

1. Turn on Microsoft Defender (formerly called Windows Advanced Threat Protection)

Toggle a single virtual switch in your system’s control panel to achieve a massive improvement in your actual and perceived risk profile.

2. Activate email security protocols

Activating the three main email security protocols is a little bit more difficult but will dramatically improve email security to help prevent malware entering systems. DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting, and Conformance (DMARC) ensure recipients know who has sent an email. Sender Policy Framework (SPF) helps to prevent hackers spoofing domains.

3. Get to know your data

Insureds should understand what sensitive information they hold, then control who can gain access to it. Ideally, access controls will include dedicated logins supported by multifactor authentication (MFA), and protocols that permit only the individuals who absolutely need certain data to get to it.

4. Limit ‘admin’ access

Most executives would be surprised by the number of people with administrator access to part or all of their companies’ critical systems. Understanding who actually needs it, limiting admin access to those specific individuals only, and deploying a Privileged Access Management (PAM) tool to monitor how they use it will avert multiple systems interruptions.

5. Utilise endpoint detection and response software

This class of cyber-defences includes continuous systems monitoring, endpoint data collection, and rules-based automated analysis and response. In other words, it spots and deletes malware automatically. It’s anti-virus on steroids.

6. Review end-of-life systems

Like old employees, long past retirement age, who no one can bear to let go, systems that are no longer supported or patched by the developers should be retired, because they typically provide easy access points for cyber criminals. At the very least, they should be segregated, off-line, and ‘air gapped’ from current systems.

7. Segment the network

Segregating a corporate network into smaller sections makes it much more difficult for hackers to move through and can prevent them from holding an entire network to ransom. Systems can be divided in several ways: by function, criticality to business operations, geographic location, or the sensitivity of the server.

8. Purge old data

If you aren’t using it, get rid of it. Holding old data means that a greater number of people must be notified in the event of a data breach.

9. Test back-up and restore regularly

The daily back-up is the last line of defence against a ransom payment. When backups are in good order, and system restoration is straightforward and comprehensive, the need to pay ransoms to cybercriminals may be eliminated.

10. Add network outages to business continuity planning

As with back-ups, business continuity plans should be tested regularly. Underwriters now sometimes ask if continuity plans have been revised and tested since Covid-19 changed working patterns. Giving the right answer to this and other basic cyber risk management questions can make a real difference to premiums in the current challenging cyber insurance market.
