With cyber losses mounting, insurers are increasing premiums (130% in 4th quarter 2021) and imposing stricter underwriting. Here is one surplus lines broker's list of recommended security practices:
- Required virtual private network.
- Multi-factor authentication for remote and cloud based access.
- Regular cyber security training (at least annual, preferably more often) for all staff.
- Implement critical patches (recommended within two months, preferably ASAP).
- Scan incoming emails for malicious attachments or links (and have a reporting system).
- Protect all devices against virus and malware.
- Regular backup of critical data.
Not on the list - but it should be - require everyone to use strong passwords not easily detected.