Win the battle against cyberattacks: Marsh on how to strengthen security | Insurance Business Australia

Many organisations had to improve their cybersecurity when the COVID-19 pandemic forced them to go digital in 2020. Now that more cyberattacks are expected amid the conflict between Ukraine and Russia, global insurance broker Marsh has offered some tips on strengthening cybersecurity.

Marsh claimed that adopting certain controls has become essential for organisations, making them a minimum requirement for insurers and a key step for companies to help reduce their cyber risk. However, while these controls have been deemed best practices for several years, the broker found that some companies are still struggling to adopt them, usually because they were unable to justify the implementation cost, did not deploy them comprehensively, or failed to understand or see the need for controls.

In a new four-part series, the broker will explore 12 recommended cybersecurity controls and their characteristics and requirements. The first report focused on three controls and their importance to cybersecurity:

  • Multifactor authentication (MFA) for remote access and privileged or administrator access;
  • Email filtering and web security; and
  • Secure, encrypted, and tested backups.

Marsh's report found that 80% of all cyber incidents are malicious and often start with compromised user credentials. Therefore, MFA, an additional login security layer to verify a user's identity when requesting access to a computer resource, can help companies prevent unauthorised remote access to computer resources. At a minimum, companies should enforce the control on critical assets, privileged accounts, and remote applications, according to the report.

“In many cases, correct MFA implementation can help prevent cyber incidents – such as a costly ransomware attack. Insurers are requiring organisations to be more cyber resilient, with MFA as a key starting point. Ultimately, this will strengthen their security and will assist them in becoming better candidates for cyber insurance cover,” the report stated.

Another essential control is email filtering and web security to combat malicious links and files that aim to insert malware into organisations' systems or steal user passwords to access critical systems.

“At a minimum, organisations should pre-screen emails for potentially malicious attachments and links and use tools to monitor web content to block access to vulnerable websites,” the report said.

Lastly, Marsh's report advised companies to have secure, encrypted, and tested backups. Without available backups, a victim is more likely to pay a ransom to recover systems and data because they do not have another option.

“Viable backups enable organisations to recover from attacks more quickly and effectively. In the case of ransomware, having backups reduces the leverage that threat actors have over the victim and can greatly reduce the need to pay a ransom,” the report said.