Cyber Insurance “Top 10”

Reduce Risk and Potentially Reduce Your Premium

If you have not noticed, cyber liability insurance is evolving, and the new trend is that prevention is the key to coverage. Remember that cyber insurance, just like auto insurance, is there “if” something happens. We do our best when driving our cars or in our homes to prevent accidents from occurring, so why not take the same approach at work? So, what does prevention look like?

As a cybersecurity professional, I assembled a list of what I believe are the “Top 10” things every company should do to potentially reduce their premium for cyber insurance while building resiliency in their systems and improving their overall security posture.

  1. Conduct an annual comprehensive risk assessment followed by a detailed plan of action.
  2. Perform comprehensive external and internal penetration tests at least annually.
  3. Use multi-factor authentication (MFA) wherever it is available.
  4. Update your password/passphrase policy to a minimum of 14 characters.
  5. Implement a least-privileged access model.
  6. Ensure all systems are routinely patched.
  7. Encrypt data at rest and data in transit.
  8. Require security awareness training quarterly.
  9. Deploy antivirus/endpoint protection throughout your network.
  10. Mandate secure remote access or VPN connection.

When you implement these elements in your organization, you are demonstrating due care and due diligence. You are showing the insurer that your company has cybersecurity built into its culture and that people throughout the organization are committed to keeping the company secure.

All these recommendations are achievable and should scale to your business. There are many low-cost and open-source solutions available that may help to overcome some of the financial concerns.

If you are not sure where to start or in which direction to go, our team of knowledgeable security professionals is here to help guide you through the challenges of securing your organization from today’s complex cyber threats. Contact Core Cyber for more information about our suite of cybersecurity services.

Kevin Hutchinson, CISSP, RPA
Core Cyber, LLC
Owner/Operator

