The implementation of cybersecurity controls is essential for a business of any size. Cybersecurity controls help reduce the chances of attackers gaining access to critical systems and stealing passwords, personal data, sensitive information, and financial data. One important control that is often overlooked by smaller organizations is cyber insurance. Some organizations find security protocols irritating, so it is important to know why certain security steps are necessary and why they are among the common questions insurers ask when an organization applies for or renews cyber insurance.
Two-Factor or Multifactor Authentication
Multifactor authentication prevents an attacker from logging in even if they somehow obtain a user’s username and password. Many users have the habit of reusing the same usernames and passwords at more than one website, so when attackers figure out a username and a password for one site or service, they will try that same username and password on other sites – a process known as “credential stuffing.”
The most basic form of two-factor authentication is the text message. The user enters their username and password, and then they receive a text message containing a code they must enter to complete the login process. Even when an attacker has the username and password of a user, they can’t log on because they don’t have that second factor.
Password Management Tools for Users
Password Manager tools allow users the freedom of not needing to remember passwords, because, after all, having to remember a password is a primary reason people reuse them. But when users have different passwords for all their logins, credential stuffing fails.
Most browsers now ask the user if they want to remember a password – that’s not a password manager. A Password Manager is a separate program that uses a plug-in to integrate with the browser to make it more difficult for an attacker to access usernames and passwords. Therefore, a Password Manager is more secure than storing passwords in browsers because attackers often have easier access to browsers than to password managers.
Geo-Blocking and Geo-Filtering
Geo-blocking and geo-filtering block connections or authentication requests based on geographic location. For example, if users only log in from a specific country or countries, then IT teams can configure systems to accept user logins only from those geographical locations. That way, if somebody tries to log in from another country, they won’t even get the opportunity. They’ll just get bounced. Caveat: Attackers in a different country can work around geo-blocking using a proxy, which means that they compromise a computer in the US, for example, and then try to log in through that computer located in an approved location. However, blocking and filtering add an extra layer of security and deterrence to existing cybersecurity measures.
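As an added example (not from the original article) of the geo-filtering logic described above, including the proxy caveat: a Python policy check that denies logins from outside an allowed-country set and demands the second factor when the source, although in an approved country, sits in address space treated as proxy or hosting. The allowed countries, the geolocation table, the proxy ranges and the log lines are constructed assumptions, not real data.

```python
from ipaddress import ip_address, ip_network

# Countries the organization's users normally log in from (assumption).
ALLOWED_COUNTRIES = {"US"}

# Constructed geolocation table (a real deployment queries a GeoIP database);
# RFC 5737 documentation ranges stand in for real address space.
GEO_TABLE = {
    ip_network("203.0.113.0/24"): "US",   # ordinary home/office space
    ip_network("198.51.100.0/24"): "US",  # US-located hosting/proxy space
    ip_network("192.0.2.0/24"): "DE",     # outside the allowed set
}

# Constructed: address space treated as anonymizing proxy or hosting. A login
# relayed through a compromised US host lands here, so require the second factor.
PROXY_RANGES = [ip_network("198.51.100.0/24")]

def lookup_country(ip_str):
    """Return the country code for an address, or None if unknown."""
    addr = ip_address(ip_str)
    for net, country in GEO_TABLE.items():
        if addr in net:
            return country
    return None

def evaluate_login(ip_str, mfa_passed):
    """Return 'allow', 'challenge' (step-up MFA) or 'deny' for one attempt."""
    country = lookup_country(ip_str)
    if country not in ALLOWED_COUNTRIES:
        return "deny"  # wrong or unknown location: bounced before any password check
    if any(ip_address(ip_str) in net for net in PROXY_RANGES):
        return "allow" if mfa_passed else "challenge"
    return "allow"

def evaluate_log(lines):
    """Apply the policy to 'user,ip,mfa' log lines; return (user, decision) pairs."""
    decisions = []
    for line in lines:
        user, ip_str, mfa = line.strip().split(",")
        decisions.append((user, evaluate_login(ip_str, mfa == "mfa_ok")))
    return decisions

# Constructed sample log, not real traffic.
SAMPLE_LOG = [
    "alice,203.0.113.5,no_mfa",    # allowed country, normal space  -> allow
    "bob,192.0.2.10,no_mfa",       # outside allowed countries      -> deny
    "carol,198.51.100.7,no_mfa",   # allowed country via proxy      -> challenge
    "carol,198.51.100.7,mfa_ok",   # same source, second factor met -> allow
]
```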
Local Administration Privileges
Local administrator privileges are terrible from a security perspective because local administrators can install applications and perform many other functions. If an attacker compromises a user’s login account, the attacker will have the same level of access as the user they compromised. It is essential that users are restricted to only the level of privileges needed to do their work. If a user’s job or status changes, privilege levels can easily be changed to match.
Why This Matters
Think of cybersecurity and cyber insurance as components of risk management. A business of any size should take steps to safeguard its data and its customers’ data from cyber-attacks. Cybersecurity controls, such as the ones mentioned above, and the use of cyber insurance are critical measures that could help your organization limit the financial and reputational damage that could result from the all-too-frequent cyber-attack.
SLK’s Risk Advisory professionals can assist your organization in implementing a robust cybersecurity program or we can evaluate your current cybersecurity program to help identify potential gaps or weaknesses. To discuss how SLK can assist you, give us a call at (954) 374-0555 and ask for Stan Lexow, Partner Risk Advisory.
Source: Journal of Accountancy, “Advice from an Expert on Cyber Insurance Coverage”