Ransomware Protection Requirements for Cyber Insurance Policy Qualification
What Kind of Ransomware Protection is Required to Qualify for Most Cyber Policies?
Do you have the ransomware protection policies in place to get the extra coverage you need when disaster strikes? To qualify, you will need to show that you have preventative ransomware protection policies in place, and that if ransomware does get in, you have a tested data backup and recovery plan with a short mean time to recovery (MTTR). Below, we've listed what cyber insurers are looking for before they will give you the coverage you need.
Ransomware Readiness Checklist
To qualify for certain cyber policies, you’ll need to attest to the following ransomware protection protocols:
What Ransomware Protection policies and procedures do you have in Place?
You will need to show that you have adequate controls in your environment in each of the following areas.
- Email filtering to block phishing messages
- Handling of suspected malicious email attachments and embedded code (quarantine, sandboxing, or stripping)
- Email content inspection and sender authentication protocols (SPF, DKIM, and DMARC)
- Multi-factor authentication (MFA) procedure
- Web and web content filtering procedures
- Procedure for end users remotely accessing your network
- Technical access controls for remote connections to your network (for example VPN with MFA)
- Remote Desktop Protocol (RDP) protection, so that RDP is never exposed directly to the internet
- Use of Microsoft 365 / Office 365 security add-ons
- Security awareness and anti-phishing training for staff
- Network access control procedure
- Privileged access control for applications and application data
- Endpoint Detection and Response (EDR) solution in place
- Procedure for reviewing and closing unneeded open ports
- Network access control procedure for Managed Service Providers (MSPs) that connect to your environment
- Vulnerability management procedure (including a patching and update protocol)
- Adequate security event monitoring and logging
Additionally, you will need to determine whether any unsupported (end-of-life) systems or applications remain on your network and, if so, how many and where they are.
Ransomware Recovery Questionnaire
You will need satisfactory answers to the following questions to show that you have adequate ransomware recovery policies and procedures in place. If you cannot answer any of the questions below, consider a Security Risk Assessment or an Incident Response Readiness Assessment.
In the event of an infection of your core network and applications:
- How quickly would your business operations be impacted?
Not sure? Consider a Business Impact Analysis.
- What percentage of the network could be recovered from a backup?
- What network redundancy do you have in place?
- What is the estimated number of hours to restore your business operations?
- What is your mean time to recovery (MTTR) estimate?
- How would you describe your backup procedure?
- How often are your critical systems and data files backed up?
- What backup storage do you use, and where is it located?
- How often are your network fail-over and recovery procedures tested?
- What is the extent of your disaster recovery preparedness?
Need help checking some boxes?
IE has a team of cybersecurity experts certified in data center management and ransomware protection protocols. If you are unable to answer any of the questions above, struggle to define what you have in place, or know you need extra assistance qualifying for cyber policies, consider investing in a Security Risk Assessment with our team. This will help you identify gaps and vulnerabilities in your current security posture. If you would like assistance creating or refining security policies for your environment, our vCISO offering is designed for exactly that.
In the meantime, consider boosting your security arsenal with a free trial of Cisco ThousandEyes. This offering can help you identify threats faster, reducing your mean time to identification.