Key Components for Business Liability Insurance and Cybersecurity Insurance

Oct 26, 2021 | Security

It seems like all we talk about in technology these days are cybersecurity incidents, data breaches, and ransomware attacks. It’s no wonder considering that these incidents are taking entire organizations offline and stealing data from the masses. They’ve become a big part of our current digital existence. At the end of the day, the computer systems we utilize every day rely on us fallible humans to tell them what to do, and to keep them secure from new threats.

If you took a computer course in school, you inevitably had a project where you were tasked with making the famous words “Hello World” appear on screen or on a printout. If you coded the system properly, you were successful, but if you made even the slightest mistake in syntax, code, variable, etc., the system would error out and you’d have to search for the problem. Our traditional security systems have operated in much the same way, relying on the configuration and policy decisions of error-prone humans to dictate what was happening. So how does this relate to insurance?

Well, as technology has evolved, so have the defensive solutions available to our organizations designed to help protect our systems and digital assets. These new evolutions in security technology are designed to overcome some of our weaknesses as humans to fortify and protect us even if we make a small mistake here or there.

So, combine these scenarios and you will start to realize why new questions are appearing on your liability and cybersecurity insurance applications and renewals.

  • Increase in the number of cyber incidents and ransomware attacks resulting in losses totaling millions of dollars.
  • New cybersecurity technologies aimed at the most common threat vectors used in those cybersecurity incidents.

You will likely see the following questions (and others) on your application or renewal:

  • Do you utilize/enforce multifactor authentication (MFA) for administrative access, or access by users into systems that store/process critical or sensitive information?
  • Do you use an endpoint detection & response (EDR) product across your enterprise?
  • Do you perform regular vulnerability scans?
  • Do you have or utilize an outsourced security operations center?
  • Do you have an incident response plan?
  • Do you regularly test your backups?

These are all considered modern solutions to the real cybersecurity threats we all face every day.

  • Multifactor authentication ensures that before gaining access a person must present at least two different types of authentication:
    1. Something they know like a password
    2. Something they have like a smartphone or token
    3. Something they are like a biometric thumbprint or facial scan
  • EDR is an enhanced next-gen antivirus solution that not only protects against known threats like viruses, malware, and ransomware, but also collects information about running processes and activities that themselves may not be malicious but can be used in malicious ways. Through Machine Learning (ML) and Artificial Intelligence (AI) these platforms can spot the abnormal and take action accordingly.
  • Vulnerability scans are key for taking away the threat actor’s leverage into the system. By ensuring that systems are updated/patched, and end of life (EOL) software is removed when no longer in use, we can reduce the capabilities an attacker has if they gain access to the system. While not specifically discussed, we also face human vulnerabilities that we address through cybersecurity awareness training and testing.
  • A Security Operations Center generally collects information through a Security Information and Event Management (SIEM) system and correlates this information into actionable data. This is helpful when spotting anomalies across systems, and/or reconstructing actions during an investigation.
  • An Incident Response (IR) plan is critical for ensuring that resources have been allocated to respond to an incident and that careful planning takes place to reduce the chaos during an incident. Usually, these are great learning exercises as well that will spot system deficiencies or lack of resources that are needed to respond to an incident.
  • Testing backups regularly ensures that if an incident does occur that takes a system down and/or destroys data, then recovery is possible and a general idea regarding the process and time required to recover is known.

The NIST Cybersecurity Framework utilizes five functions (Identify, Protect, Detect, Respond, and Recover). These protections follow along with these functions very well. MFA, EDR, and vulnerability scans are all focused on Identifying assets/users/systems and providing Protection. The SOC and IR are focused on being able to Detect anomalies and being able to Respond accordingly. And finally, testing backups ensures that we can Recover when all else fails.

So, if you are up for renewal for your business liability insurance and/or cybersecurity insurance and you are being asked about some of these protections, hopefully this information will help you better assess your current situation and respond accurately. The only thing worse than not having the protection in place is providing false information to your insurer and then losing coverage eligibility.

Axxys has developed a tiered cybersecurity solution that meets the needs of your organization and aligns with the requirements of common frameworks such as NIST CSF, CISv8, and insurance requirements like those listed here. If you are unsure about your current posture and capabilities, please reach out so we can review your current posture and desired state and help build a plan of action to keep you safe.
