Share this Post
Cyber risks are at the top of the agenda for companies of all sizes, across all sectors. The consequences of a cyber event can be far-reaching and result in losses both financial and reputational.
But many cyber claims are preventable. And indeed, it’s possible to improve your organisation’s cyber security controls and processes simply by fine-tuning the way you use tools and resources that you already have at your disposal.
In its recent Cyber Services Snapshot report, cyber risk and insurance expert Beazley, outlines some of the often underestimated – and underused – cyber risk prevention features that many organisations already have at their fingertips – and would be well-advised to take advantage of.
According to the snapshot report, Beazley’s cyber services team sees reports of cyber incidents that could have been avoided if organisations have taken steps to make full use of security measures they have already paid for.
One such example is outbound network filtering. Limiting outbound network connections to known and approved flows only allows servers to communicate solely with pre-defined destinations, which prevents those servers – or the software they host – from communicating with cybercriminals’ servers.
In most cases, this filtering can be achieved by using pre-existing tools and firewalls.
Another great example where pre-existing tools can be used to boost cyber resilience is the use of multiple factors for authentication, rather than relying on one factors like a password. Multi- Factor Authentication makes it more difficult for cyber criminals to infiltrate a system – and many cloud-based platforms already offer MFA as a baselines security feature at no extra cost.
Companies should, Beazley notes, always ensure that MFA is turned on.
To limit the potential success of any system compromise, companies should also segregate administration accounts and limit their scope, according to the report. Using purpose-dedicated service accounts will limit the potential wider impact of one account being compromised.
And other pre-existing services, like encryption tools or password solutions are great ways that organisations can take steps to prevent cyber incidents, the report explains.
These tools, it says, are like a sword – if an organisation uses them first, then potential attackers will not be able to grab them from you. But leave them languishing and an attacker might be able to take them and ensure that you avoid a serious reputational risk incident.
The full report can be accessed Preventable claims | beazley
The descriptions contained in this communication are for preliminary informational purposes only. Coverages can be underwritten by Beazley syndicates at Lloyd’s or Beazley Insurance dac or Lloyd’s Insurance Company (“Lloyd’s Brussels”) and will vary depending on individual country law requirements and may be unavailable in some countries. Coverages are available in this US on a surplus lines basis through licensed surplus lines brokers. The exact coverage afforded by the products described in this communication are subject to and governed by the terms and conditions of each policy issued. The publication and delivery of the information contained herein is not intended as a solicitation for the purchase of insurance on any US risk.
Subscribe to get updates from Insurindex
Be the first to get new indexes, reports, events, insights and more