Basic security precautions can help you and your clients prepare for and mitigate against the vast majority of modern cyber threats.
Microsoft’s latest Digital Defence Report has identified five cyber hygiene practices that can have a major impact on reducing threats. The vital five that can protect you from 98% of cyber attacks are:
- Enable multifactor authentication
- Apply least privilege access
- Keep software up to date
- Use anti-virus software
- Protect your data.
Jeff Gonlin, Emergence Insurance’s Head of Underwriting & Product Development, says the five steps are akin to simple measures we take in other areas to protect ourselves and our assets.
“We install alarms and sprinklers to protect property. We learn basic First Aid, we lock doors when we leave home, and we encourage safe driving techniques for friends and family,” he said.
“Likewise, these five simple steps can protect ourselves and our businesses against cyber crimes, which are now highly organised and rampant. Cyber insurance is a last-step defence; we need to improve our cyber security to ensure coverage is even available.”
Jeff says the five low cost, yet highly effective steps are essential to reduce the rapidly increasing number of cyber crimes and their potentially devastating impacts on us personally and on our businesses and clients’ businesses.
Multifactor authentication (MFA) makes it harder for attackers to use stolen or phished credentials. Without the additional factor, attackers can’t access accounts or protected resources. Enable MFA on all accounts that support it, and ensure people understand not to approve an MFA request unless they were trying to log in or access a system. Some people automatically click to approve any pop-ups they receive.
Least privilege access
Prevent attackers from spreading across your network by applying least privilege access principles, which limit user access to just in time (JIT) and just enough access (JEA). JIT/JEA systems ensure users get only the access rights needed to perform specific tasks and only for as long as needed to complete them. Combine that with policies that deny access to resources if there is any doubt over the hygiene of an account or device.
Keep up to date
Keep applications up to date and correctly configured to mitigate against the risk of software vulnerabilities. Implement a means of updating all software and applications on all machines and endpoints so you always have the latest updates and patches. Restrict devices missing critical patches from accessing sensitive resources. Same applies for cloud services – use cloud security posture management to ensure systems are configured correctly.
Use anti-virus software
Install and enable anti-virus solutions on endpoints and all devices to stop malware attacks from executing. Use cloud-connected anti-virus services for the most current and accurate detection capabilities.
Protect your data
Know where your sensitive data is stored and who can access it. If a breach occurs, it’s critical that security teams know where the most sensitive data is stored and accessed. As we increasingly collaborate and share data, we must ensure we understand what data we have, classify it accurately, and apply sensitivity labels where appropriate. That enables us to use information protection and data loss prevention technologies to protect data with greater confidence.
To access the broker portal to obtain Emergence cyber quotations for your clients, email firstname.lastname@example.org.
Emergence is an award-winning underwriting agency, exclusively focused on providing flexible, innovative cyber insurance solutions to help protect all Australians, including businesses ranging from SMEs to ASX-listed companies, and individuals and families.
Emergence was judged the 2019 Insurance Business magazine Underwriting Agency of the Year and was a finalist in that category in 2021.
Emergence was a finalist in the same category at the 2019 ANZIIF-Asia Insurance Review awards and did not enter in 2021. (There were no ANZIIF-AIR awards in 2020.)
In 2021, Emergence was awarded Insurance Business’s Brokers Pick for the sixth time in six years and won its fourth consecutive gold medal in the Cyber & IT category of the magazine’s brokers on underwriting agencies awards.