March 2, 2022 | By stephen

Share

MFA Is Now Mandatory for Cyber Liability Insurance

• Cybersecurity

Several cyber liability insurance providers now require businesses to adopt multi-factor authentication to qualify for coverage. Here’s why and how to meet the MFA mandates.

VIDEO: The Number One Thing You Better Have For Cyber Insurance | LeadingIT 064

Data Breaches Are on the Rise

According to Gartner, the global information security market will skyrocket to a record $170.4 billion this year. However, even with the increasing spending on data security, the cost of breaches is still high. IBM estimates each cyberattack costs organizations $3.86 million. By any standard, this can be a massive financial setback.

Therefore, most businesses get cyber liability insurances to shield them from the potential losses because of cyberattacks. For example, Colonial Pipeline already filed a $4.4 million compensation claim with its insurer to cover the ransom paid to hackers in May last year.

What Are Cyber Liability Coverages?

Cyber liability insurances cover an organization’s losses from cyber incidents. Cyber liabilities are typically not part of standard property policies. So, most companies acquire supplemental or standalone cyber liability coverages to safeguard their data and IT infrastructure. Depending on the insurance carrier, a cyber insurance policy can cover losses from:

• Loss or destruction of the company’s data
• Disruption of your operations
• Crisis management
• Arising legal expenses
• Ransomware payments
• Response to the incident
• Post-incident investigation
• HIPAA, GDPR, and other regulatory bodies’ non-compliance penalties

Cyber insurance costs are increasing as attacks surge

As more organizations consider liability coverage a crucial cybersecurity strategy, PwC approximates that the global cyber insurance market will reach $7.5 billion within the next ten years. However, the brisk growth doesn’t automatically mean that the insurance providers are turning profits. The increasing cost of data breaches has led to massive payouts and losses from the carriers. According to Cyber Economics, the insurance market registered an average loss ratio of 103% last year.

Naturally, the insurers must transfer the losses because of cyberattacks’ cost increments to businesses seeking coverage. A recent study by Aon PLC projects that the cyber liability insurance cost will soar by 20-50% this year. The other strategy that the carriers are adopting to prevent massive payouts is asking businesses to implement MFA to qualify for coverage.

Why Is MFA Mandatory for Cyber Insurance?

Initially, you could acquire a cyber liability insurance cover without meeting any stringent cybersecurity requirements. However, as the demand for coverage increases and claim severities spike, insurers have become more interested in organizations’ security controls. The less elaborate your cybersecurity measures are, the higher your insurance costs may become. Sometimes, the carrier may reject your application or ask you to tighten your security controls and reapply.

One of the cybersecurity solutions that most cyber liability carriers are keen on is MFA. And reasonably so—the implementation of MFA can drastically reduce your exposure to data breaches. Verizon’s 2021 Data Breach Investigation Report shows that up to 61% of breaches begin as credential thefts. A similar study by Threat Post reveals that stolen passwords and other shared secret accounts are the leading cause of ransomware, which resulted in almost 50% of last year’s cyber insurance claims. Therefore, by demanding mandatory MFA implementation, insurance carriers are not only protecting you but also cutting their exposure.

Why Is MFA So Important?

Multifactor Authentication, MFA, refers to the use of multiple verification methods to identify users before granting them access to accounts. To log in to an account, you must have at least two of the following authenticators:

• Something you know—username and password, pin, or secret questions
• Something you possess—a device that has logged into the account before or token
• Something you are—fingerprints, Iris Scan, FaceID, or behavioral analytics like your typing pattern

Benefits of enabling MFA

MFA isn’t just a way to meet cyber liability insurance requirements; it’s an essential data security solution that every Chicagoland business should take seriously. You can implement it internally or outsource help from an IT service provider. Although no cybersecurity solution guarantees surefire protection, MFA can significantly enhance your cybersecurity posture. Here’s how:

• MFA provides an extra layer of protection: Passwords are undoubtedly the most crucial intrusion prevention method, but they’re not enough. You need an additional security layer if the bad guys compromise your passwords, and that’s what MFA offers. An actor who steals your passwords cannot access the organization’s files unless they have legitimate user fingerprints or a company-given gadget.
• MFA eliminates the need to remember too many passwords: The best cybersecurity solutions are those that safeguard your systems without compromising user experience. MFA secures your network without requiring complex policies and laborious password resets users may find hard to remember. That also relieves your IT support services provider or team to focus on more strategic tasks.
• MFA enables you to adapt to the changing work environment: Let’s face it—the work-from-home model is the new norm. Upwork approximates that 25% of U.S. employees will be working remotely this year. With your staff scattered in multiple locations miles apart, MFA ensures that even if company gadgets land in the wrong hands, the bad guys don’t use them to access your network.

LeadingIT offers 24/7, all-inclusive, fast, and friendly technology and cybersecurity support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.