Blog


← Back to BLOG

22
Sep
2022
What You Need to Know about Cyber Insurance Requirements

What You Need to Know about Cyber Insurance Requirements

Running a business is no easy task. You must keep track of finances, ensure employee productivity, provide customer service, and make sure your IT infrastructure is up to date. If your business accepts electronic payments from customers, you run an increased risk of a data breach, whose consequences can be dire¹. According to IBM’s Cost of a Data Breach Report 2021, the average data breach worldwide cost a record $4.24 million last year, and an average of $9.05 million for U.S. companies². How can you protect your business from such a disaster? 

Enter cyber insurance. Also known as cybersecurity insurance or cyber-liability insurance, it protects organizations like yours from the consequences of cyber threats and attacks¹. Purchasing cyber insurance coverage can help you keep your business running smoothly during cyberattacks and their aftermath, while also covering costs incurred while responding to and recovering from them¹. However, keep in mind that your business must meet certain IT requirements to qualify for cyber insurance coverage. In this article, we will discuss these requirements and how to comply with each one. 

One key requirement for cyber insurance is that you must have endpoint detection and response, or EDR, implemented across every “endpoint,” including laptops, desktops, servers, mobile phones, tablets, and virtual environments, all of which sit on the ends of your network and thus in a prime position for hackers to capitalize on any vulnerabilities you have³. These devices must be protected. While antivirus software may have worked fine in the past, that is no longer the case. Malware continues evolving into more sophisticated forms, requiring an advanced solution³. EDR is a solution that provides visibility across many endpoint devices and responds to any perceived threats accordingly, which is why many insurers now require this security measure³.  

Another requirement for cyber insurance is multi-factor authentication, or MFA. As we discussed in a previous article, this helpful tool combines two or more distinct authentication methods, such as a password followed by an SMS code sent to your phone. Many organizations now require MFA to establish out-of-office network connections, often combining biometrics such as fingerprints or iris scans with passwords and single-use access tokens³. By preventing malicious users from accessing your networks and the valuable information stored therein, MFA can help you secure the cyber insurance policy of your dreams³. 

While EDR and MFA are both essential for cyber insurance coverage, you must not overlook the importance of ample cybersecurity training. For example, to purchase ransomware insurance coverage, you must mandate regular IT security and privacy training for all your employees and contractors, at least once annually but preferably more often⁴. Meanwhile, if you wish to buy technology fraud insurance, you need to implement social engineering-related security training with emphasis on baiting, phishing, spear phishing, and other social engineering methods⁴. By requiring cybersecurity training and then buying cyber insurance, you will have added protection against tech fraud as well as harmful malware and ransomware attacks. 

Lastly, you should have identity and access management (IAM) in place before purchasing a cyber insurance policy³. This practice “applies sets of rules and practices” so you can track and control your users’ activity³. For instance, IAM can help you “monitor successful and failed login attempts,” while also determining access rights and granting administrative privileges to select users as you see fit³. Not only do these techniques reduce the potential attack surface, but they also minimize the impact of a data breach and prevent such risks as accidental operator error and malicious insider attacks³. Any way you slice it, IAM is essential for any cyber-insured business. 

If you are looking to meet IT insurers’ requirements, navitend can help. We offer solutions such as endpoint protection, multi-factor authentication, firewalls, and comprehensive end-user security training so you can secure the best cyber insurance policy for your business. 

Call 973.448.0070 or setup an appointment today. 

Sources: 

¹BusinessTechWeekly.com. “Cyber Security Insurance: Who needs Cyber Liability Insurance & What does Cyber Insurance cover?” by Malcolm Adams. Retrieved from https://www.businesstechweekly.com/legal-and-compliance/gdpr-legislation/cybersecurity-insurance/

²IBM Security. “Cost of a Data Breach Report 2021”. Retrieved from https://www.ibm.com/downloads/cas/OJDVQGRY.  

³Cyber Insurance Academy. “Minimum Requirements in Cyber Insurance” by Syvanne Aloni. Retrieved from https://www.cyberinsuranceacademy.com/blog/2022/04/18/cyber-insurance-minimum-requirements/.  

⁴Imagineering LLC. “A Complete Cybersecurity Checklist for Obtaining Cyber Liability Insurance.” Retrieved from https://imagineeringit.com/a-complete-cybersecurity-checklist-for-obtaining-cyber-liability-insurance/#:~:text=In%20order%20to%20obtain%20Technology%20Fraud%20Coverage%2C%20most,%28e.g.%20social%20engineering%2C%20phishing%2C%20spear%20phishing%2C%20baiting%2C%20etc.%29

navitend can help you. Call 973.448.0070 or setup an appointment today.

Testimonials

  • "I appreciate that they didn’t just build the application. They made it better by bringing ideas to the table that not only made for a better user experience, but also kept the development costs down."

    Andy Lynch / North Star Marketing
  • "Our company is more efficient and has grown as a result of navitend’s work. navitend helped us get to the next level."

    Greg Niccolai / Madison Insurance
  • “Navitend’s expertise helped our firm over the past year to effectively elevate our I.T. game, powering our website into a highly interactive tool. Well done to Frank and his team!”  

    Chuck Steege, CFP®, CEP, President, SFG Wealth Planning Services, Inc.
  • "Thanks so much again for taking care of everything in such an expedient manner. It's a pleasure to work with navitend and its staff as always!"

    Lawrence Wolfin / Textol Systems, Inc.
  • "navitend has been a great IT partner for our company.  Their helpdesk response time is the best I have experienced in my 30 year career.  navitend has helped me to have great IT services without the need to have a full time, in house, technician at significant savings to our company."

    Bob Bradley, President, Bradley Graphics
  • "I look forward to working with you again in the future. Once again, thanks to your organization for your prompt response."

    Luke Wolters / Luke Wolters Tax Consultants
  • "Thanks so much!  You are a class act!  
    You and your team have really done an excellent job on this!"

    Steve Van Ooteghem, The C12 Group in Houston, Texas
  • "We've dedicated our lives to growing our retail and ecommerce business and it's a relief to have found a company like navitend who treats our business likes it's their own. navitend's personal approach to project management and problem solving are top-notch."

    Stamatis, Co-owner Twisted Lily, Fragrance Boutique and Apothecary
  • navitend’s approach to customer service is greatly appreciated here.  Ensuring that we are well protected from a technology standpoint provides us with peace of mind to continue our day to day operations and that they are looking out for our company's best interest. 

    Debbie