JumpCloud Community

This is a guest post written by Heather Thornburg from Wade Associates Insurance & Risk Management. I asked Heather to put together some tips after an IT Hour a couple of months ago. They shared 8 Best Practices that Insurance Carriers are looking for and a questionnaire to see how you’re stacking up. I've modified it slightly to help with flow, but these are things you should review before you renew or consider getting this type of insurance. **This information is not sponsored nor endorsed by JumpCloud.**

Of note when I mentioned the concern about filling out insurance applications and how difficult that can be: "With regard to the questions on applications, I feel very much like the problem is with the relationships. We treat our clients as partners. We want you to do what you do best. We learn about your business and then we do what we do best. Through conversations and evaluating your business, most questions can be easily answered. We handle the process together, not leave it on your lap. We are also working on condensed applications with carriers (still working on this) but in the meantime we're there to walk clients through it. That's what a partner and good risk advisor should do." Remember our vendor vs. partner conversations on the IT Hour? This is another example! You want a PARTNER when you're working on something so critical to your business.

8 BEST PRACTICES TO PREPARE FOR YOUR CYBER RISK RENEWAL

Driven by the rise in ransomware, the Cyber insurance market has changed dramatically and Cyber insurance carriers are requiring new security controls and procedures to be implemented. Wade Associates has partnered with underwriters to identify eight best practices that companies can take to prepare for their next Cyber Risk Insurance renewal. Awareness and implementation of these controls will help you stay resilient from Cyber threats and ensure a successful renewal.

WHAT TO CONSIDER

1. Has your company enabled Multi-Factor-Authentication (MFA), for all remote access and for access to privileged accounts?
2. Does your company utilize Endpoint Detection & Response (EDR) software on their system?
3. Are your company’s backups encrypted, segregated from the primary network, and tested periodically?
4. Does your company have a protocol for updating patches and making sure they have no end-of-life
   software (software no longer supported by the provider)?
5. Has your company checked and closed any open RDP ports?
6. Does your company house Microsoft Exchange on their system versus in the cloud?
7. Does your company have a cyber-breach Incident Response Plan (IRP)?
8. Does your company conduct phishing and information security training for all employees on at least an annual basis?

CYBER QUESTIONNAIRE

(This is an example of a questionnaire that they have clients fill out to help them prepare for the insurance application.)

Evolution of the Cyber threat landscape and cyber insurance carriers experiencing record losses has led to a recalibration of Cyber insurance underwriting. Wade Associates is taking a proactive approach to help you gain an understanding of the current marketplace and assist in determining a course of action leading up to your
renewal. The following questions are widely underwritten as minimum standards in today’s Cyber market. With the assistance of your IT team, please complete the questionnaire to identify areas of cybersecurity success and opportunities for improvement within your organization.

CLIENT NAME:

DATE:

1. Multi-Factor Authentication (MFA)
   1. Do you enforce MFA to protect access to privileged or admin user accounts?
   2. Do you enforce MFA to secure all remote access to your network?
   3. Do you enforce MFA if users can access email through a web application or a non-corporate device?
   4. Do you enforce MFA to restrict access to your backups?
      
      
2. Endpoint Detection & Response (EDR)
   1. Do you use a NextGeneration EDR tool across your enterprise?
   2. Please provide the name of your EDR provider:
      
      
3. Email Security Controls
   1. Do you use Microsoft On-premises Exchange as your email service?
      -If yes, have you remediated all known issues?
   2. Do you use either O365 Advanced Threat Protection or a third-party phishing protection to pre-screen emails for potentially malicious attachments and links?
   3. Do you conduct periodic employee social engineering or phishing training?
      -If yes, what is the cadence of training?
      
      
4. Backup and Recovery Procedures
   1. Do you have an incident response plan setting forth specific action items and responsibilities for cyber events?
   2. Do you run a backup solution at least weekly?
   3. Are your backups encrypted?
   4. Are your backups kept separate from your network or in a cloud service designed for this purpose?
   5. Have you tested the successful restoration and recovery of key server configurations and data from backups in the last 6 months?
      
      
5. Have you checked and closed any open RDP ports?
   
   
6. Software
   1. Do you have a process for patch management of operating systems and critical software?
   2. Have you stopped use of any end-of-life software in your environment (i.e., Windows 7)?