Ransomware Supplemental Questionnaire!
Dreaded words to the internal IT liaison as they receive their annual Cybersecurity Insurance renewal Ransomware Supplemental Questionnaire!
This doesn’t have to inspire dread, but as a great opportunity to review your companies IT security posture in several key areas.
Most commonly the questionnaire is organized around:
- Email Security
- Network Security Administration
- Business Continuity and Disaster Recovery
Let’s address solutions that help you meet these requirements.
Email Security
The first line of defense for your Office 365 or Google email system is a secure email gateway that will scan and quarantine malicious emails. There are several 3rd party solutions, such as Proofpoint, but Microsoft also offers Microsoft Sentinel and the Advanced Threat Protection (ATP) add-on. Make sure your company has invested in this type of technology.
Phishing testing and remediation is next on the list, to educate your users to be aware of the different types of attempts to gain information or access to your systems. It is highly recommended that a third party testing and training tool like Knowbe4 or Breach Secure Now is implemented in your environment.
Network Security and Administration
Endpoint security has morphed into a cornucopia of different abbreviations and solutions all geared towards protecting that client endpoint machine. At a very minimum you need a good Endpoint Detection and Response (EDR) solution that will help stop your users from inadvertently infecting their machine with Malware.
Remote access, including VPN, should have Multi-factor authentication via an authenticator application, avoiding SMS, which is insecure.
Internal process controls are necessary to ensure that items like ACH transfers can’t be completed without a verification process.
Endpoints all need to be updated regularly with critical security patches.
Firewalls should be appropriately configured at offices to maintain logs for at least 30 days and any public facing servers should be hardened against compromise.
Business Continuity
Backups of sensitive and critical business systems is essential – including cloud based solutions such as Google Drive and Microsoft SharePoint/OneDrive. Google and Microsoft do provide some versioning of documents, but should you need a file, as it was saved 8 months ago – you will be hard pressed to retrieve it. We recommend cloud to cloud SaaS backup solutions, which are relatively inexpensive and help maintain alternative data storage from your primary supplier.
Knowing how fast your organization could be back up and running if there was a disaster is a critical component of your Disaster Recovery plan.
Finally, end users having administrative controls over your applications or security features is a big no-no, and you should have alternative, administrative only accounts to manage these services.
I hope that this has been helpful in reviewing some of the questions you might receive on your Cybersecurity Insurance renewal. Feel free to reach out to LMJ to get more information.