2022 Cyber Insurance Renewals; EDR is the new MFA

An AM Best analysis predicts that the hard market in cyber is “here to stay”, despite significant rate increases and a 75% boost in cyber insurance premiums in 2021. Citing standalone cyber premiums increased by 95% in 2021, surpassing the combined premiums of standalone and packaged premium totals for 2020. These stats do not carve out middle market from the larger risks, but it is consistent with what we’re seeing in our space.

(https://www.advisen.com/tools/fpnproc/fpns/articles_new_1/P/436426365.html?rid=436426365&list_id=1)

By now, most of us have heard about MFA and its importance as a security control to help thwart ransomware attacks. MFA is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. I think we’ve all experienced the painstaking process of implementing MFA following the shift to remote work as a result of the ongoing pandemic. Last year, MFA became a minimum requirement to get an underwriter to consider renewal options for our clients or to look at new business for clients that did not currently purchase.

This year EDR has started to become a focus for insurance carriers, similar to what we saw with MFA. Many insurers are requiring EDR, while those who are not yet requiring it as a minimum security control are looking at it as a strongly recommended one.  More favorable options can be anticipated if clients have EDR implemented.  If a client has had any claims activity, we oftentimes see EDR being even more of a focus and typically a requirement.

EDR is designed to continuously monitor end user devices to detect and respond to cyber threats. An EDR

solution monitors all endpoints (laptops, servers, workstations) in the environment and creates more visibility.

This makes it easier to detect and respond to incidents with speed.

If you do not have EDR, you should engage a network security firm for assistance. Please contact me for a list of referrals.

Other forms of network security include:

  • Email filtering
  • Managed Detection & Response (MDR)
  • Reliable backups with multiple copies and the ability to restore from these backups. It is essential that the ability to restore is tested regularly.
  • Tested Incident Response Plan
  • Removal of End-of-Life Software or segmentation
  • Dark Web Monitoring
  • Employee Training

The best way to navigate this turbulent cyber market is to be properly prepared with effective network security implemented well in advance of renewal. Have these conversations with your broker at least 6 months prior to renewal.

JENNIFER WILSON, SVP
National Cyber Claims Lead
Cyber Practice Leader
Direct line: (978) 661-6625
Email: Jennifer.Wilson@hubinternational.com

Share

Related

Why Is Phishing Awareness Training Important?

Security awareness training courses, while inherently valuable to any...

Safer Driving = Lower Bills

Even though human beings are known to be pretty...

Altering the Retail Game Forever

As comforting as it sounds to settle into a...

Wiki Finance Expo Bangkok 2024 is Coming in September!

Regulation, Crypto, Web 3.0, Forex, Payments Will Be in...

The Way Telemedicine is Transforming with Technology

The telemedicine space is at a tipping point with...

Microsoft to alert enterprise security teams when nation-state attackers target their employees

Enterprise security software comes in many forms and flavors....

The Simulation Century: The Highest Moral Purpose of High Performance Computing in the Metaverse

Recently I interviewed one of the early pioneers of...

Defogging the Crypto Picture

Human beings can do a lot of things really...

Latest

No posts to display

No posts to display