The Cyber Sandbox: Why Managing Your Risk is Non-Negotiable
Roy Caswell, Executive Vice President / Chief Information Officer, Liberty Company Insurance Brokers and Tony McIntosh, Executive Vice President, Liberty Company Insurance Brokers, Inc.
Roy Caswell is the Executive Vice President, Chief Information Officer of the Liberty Company Insurance Brokers, with a proven track record for implementing transformational new products, applications, and procedures to drive improved business efficiencies, end-user productivity, margins, and revenues. He is additionally skilled at creating productive work environments and motivating high-performance technical teams. Of note, Caswell has more than 27 years of insurance industry experience and was instrumental in the nationwide implementation of the GeoVera/USF&G Residential Homeowners Quoting system for Hull and Company.
Tony McIntosh, AU, MLIS, CYB, CRIS is the Executive Vice President of the Liberty Company Insurance Brokers, providing leadership and business development services within the Liberty Company offices. He also serves as the President of their MGA, Aura Risk Management Insurance Services, tasked with building and managing programs that support Liberty clients on an exclusive basis and building out programs for select distribution to external broker partners. Of note, McIntosh was named an Insurance Business America (IBA) Hot 100 winner in 2020 and 2021, and most recently, an IBA 2022 Global 100 winner.
Current state of the industry
In recent years, cyber risk has grown faster than every other category of risk an enterprise carries, leaving many organizations asking how best to protect their bottom line from cyber events. Managing it now requires coordination between multiple parties: the C-suite, the professional consultants who broker cyber insurance policies, and the carriers that take on the risk for the insured. Keep in mind that cyber risk has also become a significant exposure for the Board of Directors.
What's more, the starting points an enterprise must meet before it can transfer cyber exposure through insurance (multi-factor authentication, encryption, and funds-transfer verification protocols, to name a few) are now more demanding than ever before. This is because the industry has been bombarded with cyber-related claim payouts without adequate premium reserves to cover them.
As a result, carriers' loss experience in cyber liability has, over the last few years, raised their expectations of an enterprise's cybersecurity capabilities.
What this means for businesses
For many fast-growing enterprises, the Liberty Company Insurance Brokers included, cybersecurity is a never-ending juggling act: implementing policies and procedures, deploying the systems and controls necessary for data protection, complying with federal, state and industry regulations, and all the while walking the fine line that keeps these efforts from impeding your team's ability to do their jobs and service clients.
What carriers require to secure cyber protection
Based on our discovery initiatives and market knowledge, be aware that carriers require clients to have a comprehensive, well-matured and well-documented set of IT security policies and procedures. These procedures must be backed by comprehensive tools, regular maintenance and annual testing, and warranties attesting to them must be provided to carriers when coverage is bound.
Some of the tools referred to above include:
• Antivirus software on all computers, laptops, and servers
• Firewalls with consistent configurations and regular patching/updating
• Regularly scheduled end-user cybersecurity training and phish-testing
• Documented change-management procedures
• Encryption tools and policies for data at rest and in transit
• Multi-factor authentication (MFA)
• EDR/XDR (endpoint detection and response, or its extended form that also correlates network, identity and cloud telemetry)
Beyond this, businesses must be able to demonstrate proof of budget allocations for cybersecurity initiatives. This way, the insured is as invested in the outcome as the carrier, and both sides are aligned.
How cybersecurity coverage is influencing D&O liability
Oversight and increased requirements for disclosure on cybersecurity are making D&O coverage extremely important. With the rise of data breaches and other cyber-related attacks, Directors & Officers are responsible for ensuring the organization takes sufficient steps to protect its digital assets. In the case of a data breach, for example, directors can be hit with shareholder suits and derivative actions claiming a breach of their fiduciary duty to the company for failing to put adequate cybersecurity measures in place. Moreover, as a result of the increased regulatory oversight we are now experiencing, many legal experts predict an increase in cyber-related D&O lawsuits.
Why cyber risks remain front & center
Remote work, which typically gives cybercriminals more loosely secured access points to exploit, has made cyber risk more critical than ever. The pandemic proved that the shift to a work-from-home environment across all industries, coupled with the introduction and easy accessibility of cryptocurrency for ransom payments, has multiplied both the volume and the damage of the cyber-attacks we are experiencing. Most of these begin with phishing, and most succeed because a control is missing: MFA, EDR/XDR, or a proper sandbox of the kind described here.
What you should know about cybersecurity & insurance today
In today's volatile, and frankly scary, world of malware, ransomware, and bad actors who relentlessly seek to compromise passwords through phishing and other attacks, not having MFA in place to provide an additional layer of security on user and admin accounts represents a dereliction of duty on the part of any IT professional charged with protecting data.
The really frightening part is that MFA alone is no guarantee that the bad guys won't still find a way to compromise your data. The dark web is full of sources selling stolen credentials and the session tokens that a phishing page can capture after a user has completed the MFA prompt, so the attacker never needs the second factor at all. Thus, while an incomplete MFA rollout can 'ding you' on a cybersecurity compliance audit or questionnaire, if the real objective is securing data and protecting your company, there has to be something else, which is where EDR/XDR comes in.
EDR or XDR platforms can often be the last line of defense, the difference between stopping malware or ransomware before an event takes hold of your environment and a large payout in Bitcoin, public announcements, stock devaluations, and loss of trust with clients.
Overall, once the enterprise has a proper cyber sandbox in place with the tools mentioned above deployed, risk transfer becomes more of a strategic buy from carrier partners that are sophisticated in cybersecurity. In turn, the carrier can provide network vulnerability tests and remediation recommendations that bolster the enterprise's cybersecurity on a continual basis, a very necessary and critical function in today's business landscape.