Cybersecurity insurance tech guide: How does your stack stack up?

Zach Dressander
June 27, 2024

The modern cyber threat landscape puts a lot of strain on organizations. Teams must also contend with cyber insurance policies as they protect themselves from new and emerging threats.

Technology plays a major role in both defending against attacks and meeting insurance requirements. We’ve laid out some of the key security technologies to invest in to help your cyber insurance application while also implementing a stronger security posture.

Security controls

Controlling who has access to what resources is important regardless of whether you need to apply for cyber insurance. Given how many touch points and potential attack vectors exist in the modern IT landscape, you need a layered approach to security controls, including:

Network Security:

  • Do you have a firewall to filter incoming and outgoing traffic?
  • Is your network segmented to limit the blast radius of a potential breach?
  • Do you have a wireless network security policy with strong encryption (WPA2 or WPA3)?

Endpoint Security:

  • Do all devices (laptops, desktops, servers) have next-gen anti-virus and behavioral anti-malware software installed and kept up-to-date?
  • Do you have a system for identifying and promptly patching vulnerabilities in operating systems and applications?
  • Can you review telemetry and alert data from your endpoints to identify anomalous or suspicious behaviors?

Identity and Access Management (IAM):

  • Do you enforce strong password policies with regular password changes?
  • Do you utilize Multi-Factor Authentication (MFA) for critical systems and accounts?
  • Can you identify anomalous log-on behaviors, such as rare locations, actions, and other indicators of compromise?
  • Is there a clear process for granting and revoking access privileges based on the principle of least privilege (users only have access to what they need)?

Data security

Data is often the target for attackers and must be protected at all costs. Think about the ways you’re protecting data through these methods.

Data classification:

  • Do you have a system for classifying data based on its sensitivity?

Data encryption:

  • Is sensitive data encrypted at rest and in transit?

Data Loss Prevention (DLP):

  • Do you have DLP solutions in place to prevent unauthorized data exfiltration?

Business continuity and Disaster Recovery (BDR)

In the case of a security incident or unforeseen circumstances, you must have options in place to recover.

Backups:

  • Do you have regular backups of your critical data?
  • Are backups stored offsite and regularly tested for recoverability?

Disaster Recovery plan:

  • Do you have a documented disaster recovery plan outlining steps to restore operations in case of a cyberattack or other disruption?

Incident Response (IR)

Regardless of the outcome, responding to incidents is a must, both for maintaining proper security posture and meeting cyber insurance demands.

Incident response plans:

  • Have you developed protocols when it comes to IR procedures?
  • Are team members responsibilities clear for their roles in IR?

Security Incident and Event Management (SIEM):

  • Do you have a SIEM solution to collect and correlate logs and actions from various devices, applications, and third-party tools?
  • Can you integrate data from across your IT environment to get full visibility over attack surfaces?
  • Is there a straightforward method for detecting threats and filtering data into actionable insights?

Managed eXtended Detection and Response (MXDR):

  • Do you have a 24x7 SOC watching your back investigating and responding to incidents?
  • Does your outsourced SOC have full visibility over your environment?
  • Does your SOC give you access to the same tools and data they use to investigate?

Vulnerabilities and internal security

With layers of defenses in place, it’s time to review your environment for gaps.

Penetration testing:

  • Have you conducted penetration testing to identify vulnerabilities in your network and systems within the last year?

Vulnerability management program:

  • Do you have a process for identifying, prioritizing, and patching vulnerabilities in a timely manner?

Security awareness and training:

  • Do you conduct regular security awareness training for employees to educate them on common threats (phishing, social engineering)?

Of course, these are only a few of the technologies that make up the kind of robust security program that cyber insurers are looking for. Be sure to tailor your approach to your business’s unique risk profile, customer base, and goals.

Moving forward

  • Review this list with your IT team and management.
  • Identify areas where your organization can improve its security posture.
  • Develop a plan to address gaps and implement necessary security controls.
  • Seek out technology solutions that can bolster/streamline your security operations.
  • Document your security policies and procedures.

By proactively addressing these areas, you can not only improve your overall cybersecurity posture but also increase your chances of qualifying for cyber insurance. Doing so helps with mitigating potential financial losses from cyberattacks, both for you and your customers.

Learn more about the requirements of cyber insurance, and how a cybersecurity technology platform can help you qualify, by reading this eBook.

Stay up to date

Subscribe to receive the latest insights, news, and updates from Todyl.

Additional reading

Why I joined Todyl: Mike Hanauer
How to increase trust with cyber insurance carriers
Why MDR platform breadth and depth matters

Todyl updates

Sign-up to get the latest from Todyl sent straight to your inbox.