Qualifying for cyber security insurance – Part 1: The Basics
We have all seen the news: large corporations and government agencies alike have been under attack in cyberspace.
Maybe some of your clients have been breached as well? Cyber Security Insurance might be a solution you are looking to offer to your clients. In this post we discuss some of the basics your clients can do when starting their journey to the cloud.
THE BASICS: THE FOUNDATIONS OF THE FORTRESS.
The number one factor that matters is the level of urgency and importance executives give to securing their businesses. If cyber security is a priority, reputable providers can step in and implement a solid cloud-based IT infrastructure which prevents and mitigates breaches. No matter the size of the business, big or small, every business needs a modern, up-to-date cyber security infrastructure. Cybersecurity insurance premiums are going up 20-30% due to the increase in attacks, and here are a few reasons why:
- 88% of companies now consider cybersecurity a business risk. (Gartner 2022)
- The average ransom payment made by Palo Alto case workers in 2022 was $300,000. (Palo Alto 2022)
- 60% of companies victimized by ransomware experienced revenue loss (Thrive 2022).
- A cyber-attack occurs every 39 seconds (University of Maryland).
- About 1 in 6,000 emails contain suspicious URLs, including ransomware. (Thrive 2022).
- The average downtime a company experiences after a ransomware attack is 21 days. (Thrive 2022).
No fortress will hold if the foundations which must support the walls are built on shaky ground. At a minimum, businesses need to implement the following:
An attitude of responsibility and vigilance. Stanford University reports that 88% of breaches can be attributed to human error.
- Avoid weak and default user credentials.
- If sharing passwords, use a password management service. LastPass, for example, offers a service for $6/user/month.
- Implement multi-factor authentication.
- Keep hardware and software up to date.
- Make sure all staff receive basic cyber security training during onboarding with the company.
- Enforce IT policies and procedures.
Implement basic cyber security services:
- Install a cloud-based firewall or any other reliable form of 24/7/365 monitoring of inbound and outbound traffic.
- Store all sensitive and confidential data on platforms which have been proven to be safe – an encrypted drive or a CRM which is fully compliant. Storing sensitive data offline is also an option.
- Subscribe to a service which can perform routine data backup and recovery tasks.
Prepare for a possible incident:
- Create procedures around lost or stolen hardware and equipment, making sure devices can be disabled as soon as they have vanished.
- Create a disaster recovery or business continuity plan and perform an annual drill, making sure it works.
- Communicate and educate all employees.
The world is changing quickly and our reliance on information technology is increasing day by day. Prudent planning and management can keep businesses in the game. Digital transformation can bring opportunities and flexibility, but it needs to be done in a way where the fundamentals are covered and assets remain secure.