Cyber: Security & Risks
Over the last several years, cybercrimes and ransomware attacks have grown with increasing frequency and severity. As many employees continue to work remotely full time or in hybrid scenarios, the need for companies to focus on data protection is paramount.
It is anticipated that the annual cost of cybercrime grows at a rate of 15% year by year and will reach $10.5 trillion by 2025 per Cybersecurity Ventures. This expected growth in claims has pushed significant changes in the cyber insurance marketplace in recent years.
Not long ago, obtaining an indication for Cyber Insurance/Privacy and Security Liability was simple – with three pieces of information (Name, description of operations, and total revenues) carriers were offering indications and moving quickly to bind with a few simple questions. Now, underwriters are requiring oodles of information regarding Information Technology Risk Management and Cyber Loss Prevention Management; with specific focus on two key areas – MFA and EDR.
Multi-Factor Authentication (MFA)
Multi-factor Authentication (MFA) is a cybersecurity measure that requires users to confirm multiple credentials to verify their identity prior to accessing a system or network. These credentials are typically something you know (a password or PIN #), something you have (a cellphone) and something you are (biometric info such as fingerprint or facial recognition).
MFA should be used to protect remote access, email access and administrative access. This helps prevent intruders access to deploy ransomware, steal sensitive information, or erase valuable data. MFA provides an added layer of security that can block up to 99.9% of attacks stemming from compromised accounts.
MFA requires an additional step at each login, but it is not complicated and does not require additional hardware to engage. Many attacks start with compromised passwords. Did you know that around 64% of entities that reported a cybersecurity event had a gap in their MFA? In some cases, MFA was completely absent; in others it was not enabled, misconfigured, only partially implemented, or pending implementation. (1) Often times, employees use the same password for multiple systems – using simple passwords that are easily cracked and even share this information openly with others. If phishing allowed a user’s credentials to be obtained, without the security question answer or fingerprint, the attacker could not gain access to the system.
The cost of implementing MFA varies and depends on the type of solution chosen, and the number of systems and accounts protected by MFA. Many programs, including Microsoft Office 365, offer MFA services. There are also many companies that offer comprehensive services for reasonable monthly fees, as little as $3 per month per user for two factor authentication services.
Endpoint Detection & Response (EDR)
Endpoint Detection and Response (EDR), also referred to as endpoint detection and threat response (EDTR), is an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware.
EDR is designed for endpoints, not networks and these endpoints can become entry points for cyber attackers. EDR uses endpoint data collection which is software installed into machines. This tracks and gathers data which is then reported to the EDR vendor for review. Once data is collected, the technology and algorithms track what is “normal” behavior for a user. If suspicious activity is found, an alert is generated. EDR also has the capability to automatically block malicious activity to temporarily isolate an infected endpoint from the rest of the network to not allow malware to spread.
Minimize The Risk
Employing both MFA and EDR together will significantly minimize the threat of a breach. Other ways to help minimize risk include employee training, increased awareness, and routine software patching and updates.
Up to 60% of businesses that suffer a cyberattack are forced to close their doors within 6 months due to the inability to recover from the loss per CNBC. Now is the time to take a proactive stance with your risk advisor to obtain Cyber coverage if you do not currently carry it or begin discussions to strengthen your policies and procedures to prepare for an upcoming renewal.