Cyber Liability: Minimum Security Standards
Any business that uses technology or collects data is at risk of a cyber-attack. Cyber insurance generally covers your business' liability for a data breach that involves sensitive customer information, including Social Security numbers, credit card numbers, account numbers, and driver's license numbers. Cyber insurance can be essential in helping your business recover after a data breach in the following ways:
- Notifying customers about a data breach
- Restoring the personal identities of affected customers
- Recovering compromised data
- Repairing damaged computer systems
Any business storing data on a network is exposed to cyber security risks. Data privacy attacks now occur every 40 seconds in the U.S. Because these attacks have become so common, there are now minimum security requirements that insurance carriers are looking for prior to offering coverage terms. A handful of the most crucial requirements are outlined on the following page.
If you need assistance procuring a cyber quote, please contact NCHARRP for help.
Remote Desktop Protocol
RDP is a dominant attack vector for ransomware.
Recommendations to secure RDP include:
- VPN
- Encryption
- RDP Gateway
- Complex Passwords
- Multi-Factor Authentication
- Restrict access via a firewall
- Enable Restricted Admin Mode
Multifactor Authentication
In addition to securing RDP, insurers are looking for insureds to utilize MFA to secure:
- Network Access
- Privileged User Accounts
- Virtual Desktop Instances (VDI)
- Cloud resources, including Office365
Additional Safeguards Include:
- Placement Within the Network
- Network Level Authentication (NLA)
- Limit Domain Administrator Account Access
- Regular cybersecurity awareness & phishing training
- If using O365, Microsoft Defender for Identity cloud based solution
- Minimize the number of Local Administrator Accounts and ensure each is unique
- Use of an account-naming convention that does not reveal organizational information
- PAM (Privileged access management)
- Patching cadence/policy
- Service Account/Domain admin account management
- End-point detection and response (EDR) practices
- SIEM - event monitoring and log management
Back-up Policies
Property secured back-ups reduce the severity of Ransomware losses. Recommendations include:
- Encrypting backups
- Segregating backups; physically stored offsite and offline
- Regular testing backups for data integrity and restorability
- Regularly performing full and incremental backups of data
- Annual testing of Incident Response/ Business Continuity Plan