2022 Cyber Insurance Renewals; EDR is the new MFA

An AM Best analysis predicts that the hard market in cyber is “here to stay”, despite significant rate increases and a 75% boost in cyber insurance premiums in 2021. Citing standalone cyber premiums increased by 95% in 2021, surpassing the combined premiums of standalone and packaged premium totals for 2020. These stats do not carve out middle market from the larger risks, but it is consistent with what we’re seeing in our space.

(https://www.advisen.com/tools/fpnproc/fpns/articles_new_1/P/436426365.html?rid=436426365&list_id=1)

By now, most of us have heard about MFA and its importance as a security control to help thwart ransomware attacks. MFA is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. I think we’ve all experienced the painstaking process of implementing MFA following the shift to remote work as a result of the ongoing pandemic. Last year, MFA became a minimum requirement to get an underwriter to consider renewal options for our clients or to look at new business for clients that did not currently purchase.

This year EDR has started to become a focus for insurance carriers, similar to what we saw with MFA. Many insurers are requiring EDR, while those who are not yet requiring it as a minimum security control are looking at it as a strongly recommended one.  More favorable options can be anticipated if clients have EDR implemented.  If a client has had any claims activity, we oftentimes see EDR being even more of a focus and typically a requirement.

EDR is designed to continuously monitor end user devices to detect and respond to cyber threats. An EDR

solution monitors all endpoints (laptops, servers, workstations) in the environment and creates more visibility.

This makes it easier to detect and respond to incidents with speed.

If you do not have EDR, you should engage a network security firm for assistance. Please contact me for a list of referrals.

Other forms of network security include:

  • Email filtering
  • Managed Detection & Response (MDR)
  • Reliable backups with multiple copies and the ability to restore from these backups. It is essential that the ability to restore is tested regularly.
  • Tested Incident Response Plan
  • Removal of End-of-Life Software or segmentation
  • Dark Web Monitoring
  • Employee Training

The best way to navigate this turbulent cyber market is to be properly prepared with effective network security implemented well in advance of renewal. Have these conversations with your broker at least 6 months prior to renewal.

JENNIFER WILSON, SVP
National Cyber Claims Lead
Cyber Practice Leader
Direct line: (978) 661-6625
Email: Jennifer.Wilson@hubinternational.com

Share

Related

The Emergence of Virtual Health in the Healthcare Industry

Virtual health is a slowly emerging path in the...

Rethinking the Future on Wheels

As much as we try to fulfill them, there...

Embracing a New Identity

It is one thing for us to be able...

An Epic Crypto Blow

There are many skills that a human being ends...

The Story of Risky Meals

There are a plethora of things that our predecessors...

Coding your colleagues and clients

Burnout is one of the larger problems in most...

The Digital Heist

Whether we like it or not, a human life...

Registration Now Open for CDAO Fall 2025 – North America’s Premier Data & Analytics Event

Join 400+ Data, Analytics, and AI Leaders This October...

Powering a GenAI Take to Transform Business Documentation

AveriSource, a U.S.-based independent software vendor and leading provider...

Latest

No posts to display

No posts to display