2022 Cyber Insurance Renewals; EDR is the new MFA

An AM Best analysis predicts that the hard market in cyber is “here to stay”, despite significant rate increases and a 75% boost in cyber insurance premiums in 2021. Citing standalone cyber premiums increased by 95% in 2021, surpassing the combined premiums of standalone and packaged premium totals for 2020. These stats do not carve out middle market from the larger risks, but it is consistent with what we’re seeing in our space.


By now, most of us have heard about MFA and its importance as a security control to help thwart ransomware attacks. MFA is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. I think we’ve all experienced the painstaking process of implementing MFA following the shift to remote work as a result of the ongoing pandemic. Last year, MFA became a minimum requirement to get an underwriter to consider renewal options for our clients or to look at new business for clients that did not currently purchase.

This year EDR has started to become a focus for insurance carriers, similar to what we saw with MFA. Many insurers are requiring EDR, while those who are not yet requiring it as a minimum security control are looking at it as a strongly recommended one.  More favorable options can be anticipated if clients have EDR implemented.  If a client has had any claims activity, we oftentimes see EDR being even more of a focus and typically a requirement.

EDR is designed to continuously monitor end user devices to detect and respond to cyber threats. An EDR

solution monitors all endpoints (laptops, servers, workstations) in the environment and creates more visibility.

This makes it easier to detect and respond to incidents with speed.

If you do not have EDR, you should engage a network security firm for assistance. Please contact me for a list of referrals.

Other forms of network security include:

  • Email filtering
  • Managed Detection & Response (MDR)
  • Reliable backups with multiple copies and the ability to restore from these backups. It is essential that the ability to restore is tested regularly.
  • Tested Incident Response Plan
  • Removal of End-of-Life Software or segmentation
  • Dark Web Monitoring
  • Employee Training

The best way to navigate this turbulent cyber market is to be properly prepared with effective network security implemented well in advance of renewal. Have these conversations with your broker at least 6 months prior to renewal.

National Cyber Claims Lead
Cyber Practice Leader
Direct line: (978) 661-6625
Email: Jennifer.Wilson@hubinternational.com



An Exclusive Social Experience

The trajectory of a human life is largely decided...

The Key Trends for Enterprise Security

Major enterprises will continue adopting more public cloud solutions...

Carving Out a New Slice in the Pie

Human beings are known to be good at a...

A New Threat on the Block

A human life goes through various different trends over...

Technology outlook in the Healthcare industry for 2021

To say that 2020 was a strange year is...

CSAA Insurance Group Joins the Institutes RiskStream Collaborative

The Institutes RiskStream Collaborative, the risk management and insurance...

Paving the New Way

The discussions about our much documented transition to modernism...

Capturing the Changing Picture

Even though we don’t need to be told about...

Conceiving a Whole New Framework for Energy Consumption

A human skill-set is loaded with value in every...

Caden Secures $3.4 Million in Pre-Seed Funding; Plots a Data Collection Revolution

We humans might not know everything right from the...