The Cyber Insurance Checklist

Cyber insurance policies help cover the financial losses that result from cyber security incidents as well as the costs associated with remediation efforts. As the security landscape has continued to evolve and change, so have the common questions cyber insurers ask to qualify customers for coverage. First, check out the below list and ask yourself if your organization could answer “yes” for the existing common questions. After you have the initial questions covered, reach out to learn more about increased questions from insurers due to evolving threats, including those about network segmentation, managed privilege accounts, and more.

Existing common questions from cyber insurers:

1. Are incoming emails scanned for malicious attachments or links?

2. Is an Advanced Email Threat Protection solution enabled for email security?

3. Are all devices protected with next-generation anti-virus, anti-malware, and/or endpoint protection software?

4. Are critical patches implemented within one month?

5. Is critical data backed up at least daily?

6. Are backups kept separate from your network or in a cloud service?

7. Are backups protected with unique credentials stored separately from other user credentials?

8. Are your backups encrypted?

9. Has there been successful restoration and recovery of key server configurations and data from backups in the last six months?

10. Is multi-factor authentication used (MFA) to secure all remote access? Including VPN and RDP connections?

11. Is multi-factor authentication (MFA) used for cloud-based email account access?

12. Are any end of life or end of support software on the network?If so, is the software segregated from the rest of the network?

13. Is cyber security awareness training, including simulated phishing, implemented for all staff at least annually?

14. Are network and systems scanned for vulnerabilities according to industry standards best practices?

15. Are network and systems scanned for vulnerabilities at least monthly?

Entara is committed to staying aware and ahead of cyber threats that businesses face. To support this, we continuously evaluate and work with security vendors to enhance our security offerings pillared around prevention, resiliency, and recovery. We believe in the products and solutions we offer our clients and apply them to our own systems.

Interested in learning more about our offerings or if your organization is prepared to answer increased questions from insurers? Reach out to us at sales@entaracorp.com with any questions.

About Entara

Entara sets the standard as the world’s first eXtended Service Provider(XSP). We deliver exceptional, security-focused IT solutions for our clients, including IT managed services, security integration services, and incident response and recovery services. We provide the strategic vision, platforms, processes, and people that can travel with our clients on the path to their best IT future.