Email Security

    4 Steps to Strengthen Your Cyber Insurance Strategy

    Cyber insurance is expensive and limited in coverage, but these steps can help you get a policy with the best possible terms and rates

    by Neil Clauson

    Key Points

    • As cybercrime escalated in recent years, insurers sharply increased premiums and tightened coverage.
    • To get adequate coverage at a reasonable rate, take these four steps: understand your risk profile, reduce your attack surface, maximize your security controls, and communicate quantifiable results to insurers.

    Cyber insurance companies have set a higher bar for policyholders to demonstrate that their risk management practices are up to par, and they are cutting back on what they’ll cover. For instance, many insurers have dropped coverage of cyberattacks by state-sponsored actors from their policies. 

    Modern security strategies are designed to provide the brakes that allow organizations to go fast and innovate, within reasonable cyber risk parameters. One way to balance this tension is by purchasing cyber insurance policies to cover expenses such as incident response, crisis communications, and forensic investigations. 

    As security professionals, we aim to prevent any attack, but in the end, it comes down to a cost/benefit analysis. Applying best practices can help manage the current environment and maintain optimum cyber coverage while holding down costs.

    Understand Your Risk Profile

    Many factors will affect your risk levels: Which industry are you in? Which targets in your sector are on attackers’ radar? How much sensitive data do you have, and what would it be worth on the Dark Web?

    Business impact assessments, threat intelligence, and risk analysis are all useful tools to understand the position you’re in and articulate it to stakeholders. Your understanding of risk may differ from your insurance provider’s, so maintaining a strong relationship with your insurer and your finance and legal teams will avoid surprises.

    Reduce Your Attack Surface

    It’s just good practice to limit your cyber exposure. So, implementing and maintaining good security controls is about practicing good hygiene throughout the year, not acting heroically when it’s time to renew your policy.

    Ask yourself: Is there something exposed externally that shouldn’t be? Having good IP and subnet mapping can ensure that your insurance isn’t affected by assets you don’t even know you have. In addition, tools such as domain-based message authentication, reporting, and conformance (DMARC) guard against email spoofing, a significant risk that insurance providers zero in. Other helpful practices include human-risk-centric security awareness and training, consistent patching, and segmenting guest Wi-Fi traffic from your company network to prevent malware infections. Look at it all from an insurer’s perspective: Why would they give you the protection of a policy if your organization won’t take such basic steps? 

    Organizations with more mature security structures can find breach attack simulation tools helpful. These can mimic different types of attacks through your defense stack to make sure you can detect and block them. This exercise not only improves your defenses, but it enables you to tell a good story to your insurer about your proactive efforts.

    Maximize Your Security Controls

    Use the levers you have to reduce the frequency and severity of attacks, such as data encryption, backups, and least privilege access. Additionally, leverage APIs and ecosystems to connect your tools for greater efficacy. Mimecast has over 200 integrations that can, for example, take threat intelligence all the way from email systems through your endpoints. That kind of approach also lets you tell a good story both to your internal stakeholders and your insurer.

    Some tools may have become rote in your everyday activities; we often refer to “alert fatigue” affecting email security. But upgrading some of those efforts, for example, by using banner notifications to alert of suspicious emails, can refresh and upgrade their effect. Bannering can also give employees options to respond to a warning — reporting an email or marking it safe, for instance. This, in turn, can help machine learning improve your screening for malicious emails.

    Put Your Best Foot Forward

    Focus on things within your control that can produce material impact on your risk profile. Tabletop exercises can teach you how to respond effectively across the scope of stakeholders who will be involved if attacked, enabling everyone to make decisions quickly and in alignment with business requirements. Running simulations of different incidents is a great way to test yourself and your team. The U.S. Cybersecurity and Infrastructure Security Agency and the U.K. National Cyber Security Centre both provide tabletop exercise templates.

    These preparations also help you tell a convincing story to insurers. They let you show that you have a resilient risk management program and can deliver the kind of high-quality security necessary against the quantity of alerts you are facing in a consistent manner. Insurance providers are looking for something more than anecdotal evidence of your cyber risk management, so any evidence of people, process, and technology measures that can be quantified is a plus. 

    The Bottom Line

    Insurance providers are not in the business of losing money, so their terms have been tightening amid rising cyberattacks, with higher premiums and decreased coverage. By identifying and reducing risk, securing your network for all users (including customers and suppliers), and telling a good story to your insurance company, your company can look to get better insurance coverage at a more affordable rate.

     

     

    **This blog was originally published on December 12, 2022.

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top