Increased cyber claims have necessitated the insurance carriers to scrutinize cybersecurity controls with an increasingly rigorous underwriting process. We are seeing premium increases from 60 percent to 100+ percent. As insurance carriers focus on controls, cyber hygiene is crucial to securing cyber liability insurance coverage, and multi-factor authentication (MFA) is essential.
Multi-factor authentication is the process of using two authenticating factors to verify the identity of an individual. For example, password and app or password and biometric identification such as your fingerprint. Your organization should use MFA for the following:
- Remote access for all employees and corporate users
- Email access for non-corporate devices or web apps
- Privileged/administrative access
If you do not have MFA in place, options for coverage will be limited, or in some cases, non-existent. MFA takes time to implement, so if you do not have this control in place, please take action immediately.
Sources: Coveware (1), FBI Internet Report (2)
Here are some questions to ask your IT team:
- Do we use multi-factor authentication (MFA) for:
- To access email through a web app on a non-corporate device?
- To protect privileged/administrative user accounts?
- Remote access to our network?
- Have we phased out end of life or end of support software?
- Do we filter emails for malicious content or links?
- Are our backups encrypted?
If you answered “no” to any of the questions above, then we should discuss the impact of your cyber liability terms. RCM&D is here to help, and we have resources that can support you in creating a roadmap for changes.
RCM&D is a Unison Risk Advisors company. Established in 2020 through the historic and strategic merger of RCM&D and Oswald Companies, Unison Risk Advisors (a dba of the JBO Holding Company) is one hundred percent employee-owned and ranks among the 30 largest brokerage firms and among the top 5 largest independently owned firms in the country.
Questions?
If you have any questions regarding cyber hygiene, please submit them on the form below to speak with an trusted advisor. RCM&D’s Cyber Practice Leader, Scott Martin, will follow up with you in order to address your questions.
//–> //–> //–>