Cyber-Defense Starts by Taking Action


By Nate Heying and Monica Minkel


If the bad guys out there can’t score against your digital defenses, you win.

Now more than ever, it is important to be proactive about cyber-security. As the cyber insurance marketplace evolves, companies need to be aware of direct risks and understand the criteria that will be most essential in protecting against cyberattacks.

There is no shortage of cyberattacks in the news. Ransomware attacks continue to evolve and intensify at a rapid pace, impacting companies of every size. All companies can benefit from dedicated cybersecurity programs focused on proven best practices in order to stay ahead and be aware of potential risks. 

Complex and unique passwords are an important element to secure legitimate access. However, the essential first step is to ensure that multifactor authentication (MFA) has been properly enabled throughout the organization. Employers should validate that email and all remote access to an organization’s network and all privileged or administrative access require multiple security steps. MFA remains one of the best tools to reduce unauthorized access and minimize the chance of leaving sensitive data exposed. 

We know that it is necessary to implement a patch management strategy to enact updates, fix bugs, and correct errors in a company’s software. Programs are constantly changing, and vulnerabilities are discovered. Companies need to be vigilant about fixing known issues as soon as they can to prevent exploitation by hackers. When a company is exposed to ransomware or another outage, backup management is critical to restoring operations. Backups should be complete, recent, segregated, and tested regularly. The best defense against a ransomware attack is often recovery from backups.

Companies should engage in employee awareness training on cyberattack risks and techniques. Phishing awareness is an important element of ransomware prevention. Phishing exercises can support and measure the effectiveness of security awareness and enhance the security of a company’s data. Establish a process for reporting suspicious activity. It is important to address problems quickly and efficiently without threatening the whole company.

The last critical proactive cyber risk component is the development of a clear response plan. Having a crisis-management strategy for a cyberattack is critical to quickly and cost-effectively address and recover from a possible data breach. A response plan outlines steps to be taken after a cyber breach is discovered, including who will be responsible for the next steps. Establishing a response plan also determines which outside organizations need to be involved, including legal counsel, forensics, information technology resources, law enforcement, etc. Be sure your vendors are pre-approved by your cyber carrier and that engagement of cyber insurance is part of your plan. 

The past 24 months have brought many changes to the cyber insurance marketplace. Premiums have increased significantly, and some coverages are being reduced. We have watched changes in the underwriting process and enhanced scrutiny of internal controls and processes. We are seeing the utilization of vulnerability scanning much more frequently. 

Most major insurance carriers now use some sort of external vulnerability scan to inform their underwriting process. Some use third parties like BitSight, BlackKite, Security Scorecard, or Upguard, while others have their own proprietary scans. These scans identify specific gaps in security that can be visible from outside and help to identify areas of vulnerability within the network. Addressing these known vulnerabilities early can streamline your cyber renewal process.

Executives should know that it’s not just your own risk profile that you need to be concerned about. Businesses should conduct thorough and periodic due diligence throughout the course of relationships with critical vendors and third-party providers. Companies need to evaluate potential risks and vulnerabilities if the vendor or third-party provider suffers a cyberattack. Many of the large-scale attacks have been launched through vendor networks and even IT service providers. Know your vendors and know your risk.

A comprehensive cyber insurance policy is essential to every company. Cyber insurance helps companies recover from and stay resilient against a cyberattack. Of course, there’s no-one-size-fits-all solution when it comes to cyber insurance. Businesses should work with a competent agent or broker that understands their business and has a specialty in the cyber insurance market to develop solutions and policies uniquely tailored to their needs. Cyber coverage can vary widely, and companies need to ensure their policy is clear and that any coverage gaps do not exist. 

Overall, cyberthreats are alarming and can happen at any moment. Companies should be proactive and aware, in addition to embracing and executing a comprehensive security approach.  

About the author

Nate Heying is vice president for property/casualty, and Monica Minkel is vice president and executive risk enterprise leader for Holmes Murphy & Associates, which has offices in Kansas City.

P | 816.857.7804
E | nheying@holmesmurphy.com

P | 720.622.8253
E | mminkel@holmesmurphy.com