Cyber insurance is one option that can help protect your business against losses resulting from a cyber-attack. However, cyber insurance providers may have different requirements for policyholders to meet before they can get coverage or claim benefits. Here are some possible things you must do so that your cyber insurance will pay if you have a breach:
• Implement Endpoint Detection & Response (EDR) on all endpoints, such as laptops, desktops, mobile phones, tablets, servers, and virtual environments1.
• Require Multi-Factor Authentication (MFA) for all remote access1.
• Have Backup Procedures, Offline Backup, or Alternative Backup Solutions for your data1.
• Use Identity and Access Management (IAM) for ad-hoc privileges and restricted network access1.
• Use Privileged Access Management (PAM) to monitor accounts with privileged access1.
• Have a good Patch Management system to keep your software updated1.
• Comply with the Zero-Trust framework that requires all users of your network and third-party providers to be authenticated and authorized on an ongoing basis2.
• Have a strong Incident Response (IR) plan that includes legal counsel, customer notification, crisis management, forensic services, and accounting costs2.
• Pay attention to the coverage details of your policy, such as data breaches, cyber attacks, terrorist acts, lawsuits, regulatory inquiries, fees, fines, penalties, and global coverage2.
These are some general tips to consider, but you should always discuss with your insurance agent what policy would best fit your company’s needs and what specific requirements you must meet. Cyber insurance is not a substitute for good cyber security practices, but rather a complementary measure that can help you mitigate the risks and costs of a cyber incident. If you need help with this, Call Computers Done Right at 941-240-2675.
Learn more:
1. cyberinsuranceacademy.com
2. ftc.gov
3. tenfold-security.com
4. cyberark.com
5. ajg.com
