Cyber Risk Insurance ChangesIT Resource
With ransomware attacks on the rise, the cyber risk insurance marketplace is evolving and now requiring companies to implement stronger controls to boost their protection.
It’s not just regulated industries or large enterprise companies getting hit with attacks; hackers are targeting everyone because they know businesses, both large and small, will do anything to get back up and running as quickly as possible.
The increased severity and frequency of ransomware attacks have led cyber risk insurance companies to modify their policy requirements in an effort to reduce risk. Insurers are now requiring Multi-Factor Authentication (MFA) as a minimum control that must be in place in order to be eligible for a cyber risk policy. Remember, if you store client or employee data, accept credit card payments, or your employees use computers in their daily work, you need cyber risk coverage.
MFA works as an added layer of protection to verify that people are who they say they are when logging into a system. MFA also allows you to gain insight into every device accessing your environment, without the use of agents.
Cyber risk insurers are requiring the following security controls at a minimum:
Multi-Factor Authentication for Remote Network Access: This security control helps reduce the potential for a network compromise caused by stolen or lost passwords.
Multi-Factor Authentication for Administrative Access: This security control helps to prevent intruders that have compromised an internal system from getting higher privileges and greater access to a compromised network.
Multi-Factor Authentication for Remote Access to Email: This security control helps reduce the potential for a compromise to corporate email accounts caused by lost or stolen passwords.
With ransomware attacks constantly evolving, MFA is an absolute must for every organization. If you want to learn more about how to reduce your risk of a ransomware attack or would like help implementing MFA controls in your environment, contact us at email@example.com or 616.837.6930. Our team is here to help!