
Cybersecurity Controls are Driving Insurance Renewal Terms and Pricing

02/15/2022 Written by: Maureen Gallagher

Cyber insurance pricing has increased significantly in the last several years. Loss frequency and severity are driving the pricing increases, with ransomware as the loss leader. Underwriters are scrutinizing internal controls and are either providing very low limits ($100K to $250K) or are no longer willing to write ransomware coverage without multi-factor authentication (MFA). MFA is a security setting that requires users to provide more than one method of verification to gain access to websites or applications. It is also referred to as two-factor authentication.

MFA is the top requirement, but underwriters will also inquire about the following:

Sender Policy Framework (SPF) – An email authentication technique used to prevent spammers from sending messages on behalf of your domain.

DomainKeys Identified Mail (DKIM) – An email authentication method that allows senders to associate a domain name with an email message, thereby proving its authenticity. A sender creates the DKIM by “signing” the email with a digital signature.

Domain-based Message Authentication, Reporting, and Conformance (DMARC) – An email authentication protocol that uses SPF and DKIM to determine the authenticity of an email.

Next Generation Anti-Virus (NGAV) – Software that uses predictive analytics driven by machine learning and AI, combined with threat intelligence, to detect and prevent malware, identify malicious behavior, and respond to emerging threats. NGAV works hand in hand with Endpoint Detection and Response (EDR). EDR centrally collects and analyzes endpoint data across the entire company to examine potential threats. NGAV should be rolled out throughout the company and be centrally monitoring and analyzing all endpoint activity.
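For the three email authentication items above, a quick self-check of what a domain publishes can be scripted before an underwriter asks. The Python below is an added example, not part of the original article; the domain, the DKIM selector `s1`, and every record value are constructed samples, and in practice the TXT records would come from DNS lookups.

```python
# Added example. Domain, selector and record values are constructed samples.

def parse_tags(record):
    """Parse the 'tag=value; tag=value' syntax used by DMARC and DKIM."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def check_spf(records):
    # An SPF record is a TXT record whose first term is exactly "v=spf1".
    spf = [r.lower().split() for r in records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return "missing" if not spf else "invalid: more than one SPF record"
    verdicts = {"-all": "enforcing (hard fail)", "~all": "soft fail",
                "?all": "neutral: no protection",
                "+all": "allows any sender", "all": "allows any sender"}
    return next((verdicts[t] for t in spf[0][1:] if t in verdicts),
                "no 'all' mechanism")

def check_dmarc(records):
    found = [t for t in map(parse_tags, records) if t.get("v", "").upper() == "DMARC1"]
    if len(found) != 1:
        return "missing" if not found else "invalid: more than one DMARC record"
    policy = found[0].get("p", "").lower()
    return {"none": "monitor only", "quarantine": "enforcing",
            "reject": "enforcing"}.get(policy, "invalid: no usable p= tag")

def check_dkim(records):
    keys = [t for t in map(parse_tags, records) if "p" in t]
    if not keys:
        return "missing"
    # An empty p= tag means the key has been revoked.
    return "published" if any(t["p"] for t in keys) else "revoked"

def assess(zone, domain, selector):
    """zone maps a DNS name to the list of TXT strings published there."""
    return {"SPF": check_spf(zone.get(domain, [])),
            "DKIM": check_dkim(zone.get(f"{selector}._domainkey.{domain}", [])),
            "DMARC": check_dmarc(zone.get(f"_dmarc.{domain}", []))}

SAMPLE_ZONE = {  # constructed records for illustration
    "example.com": ["v=spf1 include:_spf.example.net ~all", "site-verification=abc"],
    "s1._domainkey.example.com": ["v=DKIM1; k=rsa; p=CONSTRUCTEDKEY"],
    "_dmarc.example.com": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
}

if __name__ == "__main__":
    print(assess(SAMPLE_ZONE, "example.com", "s1"))
```

On the sample zone, all three records exist, yet SPF only soft-fails and DMARC is in monitor-only mode, so spoofed mail would still be delivered.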

Companies with an upcoming policy renewal that lack these security measures are binding unfavorable coverage, with higher pricing and lower limits, and then implementing the fixes with the intent to go back to market to improve their offering after the “fixes” are implemented. Unfortunately, underwriters are not open to marketing midterm. Carriers are not discounting pricing if new controls are implemented “today”. While it is absolutely a better risk, threat actors could already be in a system. Most hackers hang out in the target’s system for a few weeks or months before they make a ransom demand or exfiltrate data. So, even if MFA/EDR was implemented “today”, carriers will not adjust coverage or apply a credit to pricing until at least 90 days have passed since the new controls were put in place, as that gives some wiggle room to make sure a hack has not already occurred. Studies reveal it takes about 220 days to figure out hackers are inside a system. If new controls are implemented today, it does not mean the hackers are not inside the system already.

Insurers are increasingly tightening underwriting requirements and stipulating that organizations adopt security controls that can make a measurable and positive impact on a company’s exposure to cyber risk. The time to act is now. Implementing security measures should start as soon as possible. Don’t wait until renewal to find out your company falls short. Contact your AssuredPartners Real Estate Specialist for a comprehensive cyber security scorecard and average cost of a data breach for your company.
