What Most People Don’t Know About Cyber Insurance


As cyberattacks grow in frequency and severity, demand for cyber insurance is growing with them. According to Fortune Business Insights, the global cyber insurance market was valued at an estimated $7.60 billion in 2020 and is projected to reach $36.85 billion by 2028, a compound annual growth rate of 25.3%. Zurich North America estimated that by 2020, 78% of large organizations had purchased cyber insurance coverage of some type.

While insurance can help defray the costs of recovering compromised data and restoring damaged computers and storage devices, your environment must be kept compliant with the terms of the policy. Otherwise, in the event of a cyberattack, your claim may be delayed or even denied. Keeping your environment in compliance can represent a significant, ongoing cost to your organization, but the cost of neglecting compliance can be much higher.

What Is Cyber Insurance?

A cyber insurance policy (also referred to as ‘cyber risk insurance’ or ‘cyber liability insurance coverage’) is a financial product that enables businesses to transfer the costs involved with recovery from a cyber-related security breach or similar events. Typically, the most important aspect of cyber insurance will be network security coverage. This will offer coverage in the event of a network security failure – such as data breaches, malware, ransomware attacks, and business account and email compromises. However, the policy will also respond to liability claims and ancillary expenses of an attack or breach. 


Coverage and Benefits

While cyber insurance coverage varies from provider to provider, typical policies cover organizations in five key areas:

Lost data. Companies are legally responsible for their data, whether stored locally, offsite, or in the cloud. And, if personal information (like protected health records) is exposed, companies may be liable. Cyber insurance typically covers the cost of recovering compromised data, notifying impacted customers, and may cover legal defense expenses.

Lost devices. Stolen or compromised laptops and mobile devices are a leading cause of compromised data. Many cyber insurance policies provide information liability coverage that covers the cost of device replacement, plus legal and other expenses.

Customer notification. The cost of notifying customers and impacted parties about a breach and ongoing remediation efforts can be significant. Cyber insurance can help compensate for the costs of legal counsel and specialized communications providers.

Investigation and forensics. Computer forensics experts help assess the extent of a cyberattack and determine whether sensitive data has been compromised. Cyber insurance may reimburse organizations for the cost of those expert services.

Miscellaneous expenses. Insurance may also help offset the cost of lost business, restoring compromised systems, and other expenses incurred during business restoration.

Tips to Ensure Compliance with Your Cyber Insurance Policy

Cyber insurance is relatively new in the market, and many providers lack the historical data to accurately assess their risks. As a result, policies often require customers to maintain high security compliance standards to qualify for payouts in the event of a breach. Organizations relying on cyber insurance to compensate for inadequate security practices may be in for a shock when they make a claim, especially if they haven’t read the fine print in their cyber insurance contracts.

While the definition of compliance can vary from provider to provider, certain security best practice requirements are common to most policies and should be prioritized:

Third-party audits. An external security audit will help identify potential security issues and can help establish a detailed remediation plan.

Comprehensive backup and recovery plans. Effective backups are one of the best defenses against cyberattacks, and against ransomware in particular. Secure, regularly tested, offsite (for example, cloud-based) backups replicate data away from the primary environment and help minimize downtime resulting from a breach. Keep at least one copy offline or immutable, with credentials separate from production: attackers routinely look for reachable backups and encrypt or delete them before detonating ransomware, and an untested backup is not a backup until a restore has been proven to work.

Regular penetration testing. Penetration testing (completed annually at a minimum) can also uncover security gaps while helping to reduce risk from the insurer’s perspective.

Effective password controls. Some policies will insist on adherence to password best practices as a policy condition. These best practices include using strong, unique passwords for every service (a password manager makes this practical) and, increasingly, multi-factor authentication (MFA) on email, remote access, and administrative accounts. Many insurers now treat MFA on remote access and privileged accounts as a hard requirement rather than a recommendation, so confirm exactly which accounts your policy expects it on.

Comprehensive data encryption. All sensitive data must be encrypted both at rest and in transit, including on laptops and removable media. Data access (physical or online) should be tightly controlled and logged.

Beyond Compliance: Expert Tips

While your policy will help define your cybersecurity priorities, here are two other steps you can take to strengthen your security infrastructure and minimize any issues if you need to make a claim.

Security training. Onboarding training for new hires and regular refreshers for existing employees will reinforce your organization’s security practices, create a ‘security-first’ culture, and help minimize unintentional breaches and exposure.

Collaborate with your insurance provider. A regular dialogue with your insurer allows you to communicate your ongoing security initiatives, identify and resolve any issues, and explore ways to enhance your coverage and optimize your insurance costs. 

The Value of an Expert Security Partner

A security-focused integrator can help optimize your organization’s security infrastructure and best practices to ensure you’re compliant with the terms of your cyber insurance policy.

At Path Forward IT, we’re experts in security and compliance. For years we’ve helped healthcare leaders meet stringent HIPAA, HITECH, and CMS requirements, and we bring the same knowledge and expertise to our customers in finance, education, and other industries.

Path Forward IT can work with your team to ensure cyber insurance policy compliance by conducting third-party audits and penetration testing, identifying and remediating security gaps, implementing operational best practices, and providing ongoing security training. 

Contact us to learn how we can help you ensure compliance with your cyber insurance policy.

Reduce Your Ransomware Risk with Allow-Listing and Other Application Execution Control Solutions


In 2021, escalating ransomware and other malware attacks continued to inflict significant damage on U.S. companies and public sector organizations. According to the U.S. Treasury’s Financial Crimes Enforcement Network, there was $590 million in domestic ransomware-related activity in the first six months of 2021 alone.

Most traditional security tools work on a default-allow model: anything runs unless it matches a known-bad signature or behavior, which leaves a window for new or customized malware that no vendor has seen yet. That is why many organizations are adding application execution control to their defenses. These solutions include allow-listing, which inverts the model by permitting only known, ‘good’ files to run and blocking everything else.

Allow-listing combines with three other technologies — ringfencing, storage control, and elevation control — to provide a powerful, multi-layered solution that proactively prevents ransomware, malware, and other unknown threats from running on a computer or system.

Next-Generation Allow-Listing Solutions

While many businesses rely on antivirus software, those legacy solutions cannot fully protect sensitive data and network assets. Allow-listing, while effective, has traditionally been too complex for all but the largest companies to operate. However, with next-generation solutions, even SMBs can now deploy allow-listing technology in just a few hours.

Today’s best-in-class allow-listing solutions employ a default-deny approach that blocks all applications unless they are on the allow list. These solutions also allow you to control what software, scripts, executables, and libraries can run on endpoints and servers.
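As an added example (not from the page and not ThreatLocker's own tooling), the following PowerShell shows what default-deny allow-listing looks like using the AppLocker feature built into Windows. The workflow is the one practitioners use with any allow-listing product: inventory a clean reference machine, generate publisher rules for signed files and hash rules for the rest, deploy in audit-only mode, review what would have been blocked, then enforce. The directory paths and the output file location are assumptions for the example.

```powershell
# Added example: default-deny application allow-listing with Windows AppLocker.
# Run as Administrator on a Windows edition that supports AppLocker. Requires the
# AppLocker PowerShell module (built in) and the Application Identity service.
# C:\Policies is an assumed location for this example.

# 0. AppLocker enforcement depends on the Application Identity service.
#    (Set-Service cannot change this service's startup type on recent builds, so use sc.exe.)
sc.exe config appidsvc start= auto | Out-Null
Start-Service -Name AppIDSvc

# 1. Inventory executables, DLLs and scripts on a clean reference machine.
$ref  = @(Get-AppLockerFileInformation -Directory 'C:\Program Files'       -Recurse -FileType Exe,Dll)
$ref += @(Get-AppLockerFileInformation -Directory 'C:\Program Files (x86)' -Recurse -FileType Exe,Dll)
$ref += @(Get-AppLockerFileInformation -Directory 'C:\Windows\System32'    -Recurse -FileType Exe,Dll,Script)

# 2. Build rules: Publisher rules for signed files, Hash rules for unsigned ones.
#    -Optimize merges redundant rules; anything not matched is denied once enforced.
$xml = New-AppLockerPolicy -FileInformation $ref -RuleType Publisher,Hash `
           -User Everyone -Optimize -IgnoreMissingFileInformation -Xml

# 3. Deploy in audit-only mode first so nothing breaks while the list is tuned.
$auditXml = $xml -replace 'EnforcementMode="[^"]*"', 'EnforcementMode="AuditOnly"'
New-Item -ItemType Directory -Path 'C:\Policies' -Force | Out-Null
$auditXml | Out-File -FilePath 'C:\Policies\allowlist-audit.xml' -Encoding utf8
Set-AppLockerPolicy -XmlPolicy 'C:\Policies\allowlist-audit.xml' -Merge

# 4. Review what audit mode WOULD have blocked (event ID 8003) before enforcing.
#    Each entry is either a legitimate program to add or a candidate for investigation.
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -ErrorAction SilentlyContinue |
    Where-Object { $_.Id -eq 8003 } |
    Select-Object TimeCreated, Message |
    Format-Table -Wrap

# 5. Dry-run a decision for a file without touching the live policy.
#    Expect PolicyDecision = Denied for an unsigned download that is not on the list.
Test-AppLockerPolicy -XmlPolicy 'C:\Policies\allowlist-audit.xml' `
    -Path 'C:\Users\Public\Downloads\unknown-installer.exe' -User Everyone

# 6. Once the audit log is quiet, switch to enforcement.
$enforceXml = $xml -replace 'EnforcementMode="[^"]*"', 'EnforcementMode="Enabled"'
$enforceXml | Out-File -FilePath 'C:\Policies\allowlist-enforce.xml' -Encoding utf8
Set-AppLockerPolicy -XmlPolicy 'C:\Policies\allowlist-enforce.xml' -Merge
```

Two practical cautions: enforcing the DLL rule collection without a complete inventory will break programs that load unlisted libraries, so leave it in audit mode longer than the EXE collection; and publisher rules on broad, user-writable locations can be abused by anyone who can drop a validly signed but unwanted binary there, which is why commercial allow-listing products (and the ringfencing described next) add per-application behavior controls on top of the basic run/do-not-run decision.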

Ringfencing For Added Security

While allow-listing blocks all untrusted applications, it cannot stop an attacker from abusing applications that are already on the allow list, such as PowerShell, Office, or a browser, to deploy tools and move through your network. Ringfencing adds another layer of protection by giving you the ability to control how applications behave after they’ve been opened.

With ringfencing, you can stop applications from interacting with other applications, accessing network resources, registry keys, and even files. It is particularly effective at stopping fileless malware attacks and preventing rogue applications from stealing your data.

Ringfencing also allows you to:

  • Stop fileless malware and limit the damage from application exploits
  • Specify how applications interact with each other
  • Prevent a compromised application from being used to reach other applications and resources on the network
  • Stop applications from interacting with other applications, network resources, registry keys, files, and more
  • Prevent applications from interacting with built-in tools such as PowerShell, and stop built-in tools from accessing your file shares

Combining allow-listing and ringfencing blocks untrusted applications outright and constrains what trusted ones are allowed to do, which closes off many of the ‘living off the land’ techniques that allow-listing alone leaves open.

Storage Control — Complete Control of Your Data and Devices

Many data protection solutions block access to USB drives and encrypt data storage servers but can delay access by authorized users in the process. These delays can reduce user productivity and create employee satisfaction issues.

Storage control allows you to control device access down to the most granular level, including file type, user or group, application, and serial number. With storage control, you can determine what data can be accessed or copied and the applications, users, and devices that can access that data.

Storage control also lets you:

  • Create an audit of all file access on USB, network, and local hard drives
  • Restrict access to external storage, including USB drives, network shares, or other devices
  • Use single-click approval for specified devices or users
  • Provide permanent or temporary access approvals
  • Restrict access to specific file types
  • Limit access to a device or file share based on the application
  • Enforce or monitor the encryption status of USB hard drives and other external storage devices
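As an added example (not from the page and not ThreatLocker's own tooling), here is how the basic storage-control ideas in the list above map onto controls built into Windows: auditing file access on removable storage, denying write and execute on removable disks, requiring BitLocker To Go before a removable drive can be written to, and reporting the encryption status of attached drives. The registry values are the local equivalents of the corresponding Group Policy settings; in a domain you would set the same policies in a GPO rather than writing the registry directly. The device-class GUID shown is the Windows "Removable Disks" class used by that policy.

```powershell
# Added example: native Windows equivalents of common storage-control rules.
# Run as Administrator. In a domain, prefer a GPO over direct registry edits.

# 1. Audit every file access on removable storage (Security log, event ID 4663).
auditpol /set /subcategory:"Removable Storage" /success:enable /failure:enable

# 2. Deny write and execute on removable disks for all users on this machine.
#    Policy key: Removable Storage Access -> Removable Disks (device class GUID below).
$rsd = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}'
New-Item -Path $rsd -Force | Out-Null
Set-ItemProperty -Path $rsd -Name 'Deny_Write'   -Value 1 -Type DWord
Set-ItemProperty -Path $rsd -Name 'Deny_Execute' -Value 1 -Type DWord
# Uncomment to block reads as well (full removable-disk lockout):
# Set-ItemProperty -Path $rsd -Name 'Deny_Read' -Value 1 -Type DWord

# 3. Require BitLocker To Go: refuse writes to any removable drive that is not encrypted.
$fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
New-Item -Path $fve -Force | Out-Null
Set-ItemProperty -Path $fve -Name 'RDVDenyWriteAccess' -Value 1 -Type DWord

# 4. Report the encryption status of removable volumes currently attached.
Get-Volume |
    Where-Object { $_.DriveType -eq 'Removable' -and $_.DriveLetter } |
    ForEach-Object {
        Get-BitLockerVolume -MountPoint "$($_.DriveLetter):" |
            Select-Object MountPoint, VolumeStatus, ProtectionStatus, EncryptionPercentage
    }
```

What these native controls do not give you is the per-serial-number, per-application and per-user granularity the list above describes, nor a one-click temporary approval workflow; that gap is what dedicated storage-control products are selling, so check which of those capabilities your policy or insurer actually requires before deciding whether the built-in controls are enough.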


Understanding Elevation Control

Elevation control provides additional security by creating access policies for individuals using specific applications. Combined with allow-listing and ringfencing solutions, elevation control allows you to control what applications can run, who can access them, and how they interact in your organization’s environment.

Elevation control capabilities include:

  • Full administrative rights visibility. The ability to see which users hold elevated rights and to approve or deny an individual’s elevated access to specific applications.
  • Streamlined permission requests. Users can request permission to elevate an application and attach files and notes to support their requests.
  • Varied elevation levels. Lets you set how long users are allowed elevated access to specific applications by granting either temporary or permanent access.
  • Secure application elevation. Combined with ringfencing, elevation control ensures that once an application is elevated it cannot be used as a springboard to reach other applications or network resources.

Why Path Forward IT Recommends ThreatLocker

At Path Forward IT, our expert team has evaluated the leading application execution control solutions. Based on our testing and experience, we recommend ThreatLocker as the most effective solution available at this time. By integrating allow-listing, ringfencing, storage control, and elevation control into a single solution, ThreatLocker provides any size company (from SMB to enterprise) with unprecedented levels of security.

ThreatLocker incorporates specific features that prevent operational interruption. For example, single-click allow requests for applications that users want to install or access capture all relevant application information required by IT security administration. Competing products employ a more manual submission process that requires users to gather the relevant details themselves and communicate them to IT.

Your Expert For Application Execution Control solutions

Many smaller organizations may not have the in-house resources or expertise needed to onboard ThreatLocker or other security solutions. At Path Forward IT, we provide a comprehensive ‘security-as-a-service’ solution tailored to your specific needs. We’ll assess your requirements, implement, manage, and optimize your ThreatLocker and other services, and ensure they’re integrated into your overall security strategy.

Contact Path Forward IT to learn how you can put ThreatLocker and other security solutions to work protecting your business.

How a Backup and Recovery Audit Can Safeguard Your Business


Are you part of the 72% of organizations that don’t have an adequate disaster recovery (DR) plan in place? Even if you’ve put significant resources into protecting your data, your organization may not be fully prepared. A backup and recovery audit assesses your data protection and DR readiness and provides the evidence you need to confirm you have the right plan in place.

Your Data Is at Risk

Data is more vulnerable than ever. It is critical to assess regularly whether your security posture is keeping pace with current threats; even so, there is no guaranteed way to stop a determined criminal, which is why recovery matters as much as prevention.

Cybercriminals are relentless in their efforts to breach businesses, sabotage data, or hold it for ransom. A solid data recovery plan creates another viable alternative to paying an enormous ransom.

Cybercriminals aren’t the only threats to data — Mother Nature can wreak havoc too. The effects of too much (or not enough) rain can result in extreme flooding conditions for some and wildfires for others. There’s only a small window of warning when it comes to hurricanes and tornadoes, and with safety as the first priority, worrying about data loss only adds extra stress.

Knowing how, when, and which data can be restored in the event of a data disaster is critical information for any business. That alone is enough reason to conduct a data recovery audit to confirm the viability of your plan; however, there are other benefits. Here’s how you can use a backup and recovery audit to inform your business strategy.


Re-evaluate and Re-Prioritize IT Budgets

As your business evolves, so should your data protection plan. Budgetary allocations often don’t consider changing needs or emerging (and better) technologies, especially in the case of data storage and security.

A backup and recovery audit provides ‘proof points’ to help drive budget changes or reallocations to keep pace with cybersecurity and right-size your data backup and DR initiatives.

IT executives need to consider two important factors when allocating resources for DR: compliance requirements and the cost of downtime. Many organizations’ backup and DR needs are driven in part by their industry compliance requirements. This is especially true for financial institutions, government, and healthcare entities, which must adhere to regulatory and audit frameworks such as FDIC guidance, SSAE 18, HIPAA, and GDPR. As these requirements evolve, organizations must review and enhance their DR capabilities to keep pace.

To determine the appropriate backup and disaster recovery investments, organizations should first calculate their specific downtime costs. These include lost revenues and productivity, recovery expenses, and intangibles (e.g., lost future business, damage to reputation).

Downtime costs add up quickly, especially in the face of a natural disaster. For example, Hurricane Rita resulted in 384 hours of power outages, and Hurricane Sandy caused 337 hours. According to a 2021 survey by ITIC, 44% of enterprises say downtime costs can exceed $1 million per hour.

Armed with the backup and recovery audit findings, a summary of compliance requirements, and an understanding of downtime costs, business leaders can make informed decisions about resource allocation to address data backup requirements.


Optimize Network Infrastructure and Performance

A backup and recovery audit does more than uncover misalignments between your business-driven backup and recovery requirements and your existing DR plan. It also helps identify and resolve network infrastructure and performance issues that prevent your backup and DR plan from working properly.

Frequent backups drive significant network traffic, and the strain on legacy networks may impact the performance of other critical applications. If the audit identifies network performance issues, it shows the IT department where traffic bottlenecks lie, where network performance can be improved, and which components of the backup and recovery plan depend on them. Executing the audit’s recommendations leads to smoother day-to-day operations and greater productivity for the IT department and the entire company.


Internal Versus Third-Party Audits

After understanding the value of a recovery audit, the next step is to ensure the quality of the audit. Engaging a third-party vendor is almost always the best option. For the same reasons a company’s finance team relies on an independent auditor to confirm its financials, IT teams benefit from an outsider’s perspective to take a fresh look and validate their data protection strategy.

The audit’s goal is not to ‘call out’ the internal IT team or their hard work. A third party brings an outsider perspective, the benefits of having conducted hundreds of previous audits, and the ability to work with the internal team to ensure the business data recovery plan will perform as expected.

Contact Path Forward IT to schedule your data audit today and learn how our DR experts can give you crucial insights into your business continuity plan.