5 Cyber Readiness Practices to Boost Your Cybersecurity

Travelers umbrella logo.
By Travelers
6 minutes

Cyber threats are an ever-present concern across businesses, nonprofits and public entities with organizations of all sizes often targeted by advanced and evolving attacks. The annual Travelers Risk Index shows cybersecurity persistently remains a top concern. The impact of cybercrimes like ransomware attacks, social engineering fraud and business email compromise make the implementation of robust cyber readiness practices essential for every organization.

Implementing these Travelers cyber readiness practices can help achieve a high five for cyber readiness in protecting your sensitive data, trust and operations.

Security and privacy protection challenges are ubiquitous. According to Tim Francis, Travelers Enterprise Cyber Lead, protecting privacy and sensitive data is essential for all companies. He recommends all organizations adopt a culture that will constantly strive to protect systems, privacy and sensitive data.

Start with an assessment:

  • Know your environment. Build and maintain an inventory of all computing equipment (including networking devices) and the software running on them. You can’t protect what you don’t know about.
  • Determine how your company identifies, assesses and mitigates data security and privacy risks.
  • Conduct audits or reviews of the company’s data privacy and security measures.
  • Interview internal IT professionals (chief data officer, information security officer, privacy officer, data stakeholders, etc.), or those of any third-party vendor that provides IT services, to determine the extent of your system’s data security and privacy protection.
  • Identify deficiencies and/or risks and the next steps to promptly correct any issues.

Adopt these five cyber readiness practices to help boost your organization’s cybersecurity

  1. Implement Multifactor Authentication (MFA): Prevention is the best defense. MFA – which requires the use of two or more authentication factors to verify the legitimacy of account access attempts – can make you 99% less likely to be hacked according to the Cybersecurity and Infrastructure Security Agency.1 MFA should be used for all users all the time to help prevent cybercriminals from accessing a business’s system or infiltrating a network, which can lead to ransomware attacks and other cybercrime schemes perpetrated against an organization.
  2. Keep systems up to date: Make good cyber hygiene part of your plan. Maintaining awareness and control of your IT assets is key. Your cybersecurity plan should include strategies for keeping systems up to date. An unpatched vulnerability is one of the easiest and most common methods used to compromise a computer system or network. It is essential to be prepared. Enable automatic updates where possible, replace unsupported systems and test and deploy available patches quickly.
  3. Use endpoint detection and response (EDR): An EDR solution protects against malicious attacks and can provide far greater capabilities than a traditional antivirus solution. EDR can help protect and monitor every asset in an enterprise network by identifying suspicious activity before the rest of the corporate network is exposed to unnecessary risk. EDR technologies monitor for anomalous behavior on each system rather than simply searching for malware.
  4. Have an incident response (IR) plan: The goal of an IR plan is to provide a clearly defined, focused and coordinated approach to responding to cyber incidents. This will enable the organization to limit the damage and hasten a return to normal. Getting back to business with limited impact after an attack is only one benefit of having a good IR plan. Your IR plan also shows your partners, suppliers and clients that you take cybersecurity seriously.
  5. Back up your data: Make copies of important data and system configurations and protect them. Businesses and organizations typically store many kinds of data, using a variety of computer systems, on networks that may be local, global or somewhere in between. Data on a system or network can include Protected Health Information (PHI), Payment Card Information (PCI), Personally Identifiable Information (PII), intellectual property or other propriety or confidential information.

Backups protect that information against human errors, hardware failures, cyberattacks, power failures and natural disasters, and are one of the most important steps that an organization can take to protect against cyber risks. Backups should be frequent, regular and systematic. A best practice is the 3-2-1 backup strategy:

3.  Create one primary backup and two copies of your data.
2.  Save your backups to two different types of media.
1.  Keep at least one backup file off-site and offline.

Choose an insurance provider that offers pre- and post-cyber breach services

Cyberattacks can happen to any organization. Travelers offers their CyberRisk policyholders pre- and post-breach services including:

  • Travelers eRiskHub®, powered by NetDiligence®.
  • Travelers Cyber Threat Alerts.
  • SentinelOne® Endpoint Detection and Response (EDR).
  • HCL Technologies Cyber Resilience Readiness Assessment and Cyber Security Professional Consultation.
  • HCL Technologies Security Coach Helpline.
  • HCL Technologies cyber security training videos.
  • Cyber Breach Coach®.

Travelers goes beyond insurance coverage. Get the tools you need to help your business become more cyber resilient so you can better anticipate, withstand and recover from a cyber event.

To learn more about CyberRisk coverage and these available services, talk to your insurance agent or a Travelers representative.

Source

https://www.cisa.gov/topics/cybersecurity-best-practices/multifactor-authentication#:~:text=The%20use%20of%20MFA%20on,less%20likely%20to%20be%20hacked.

An illustration of a lady typing on a computer in an office.

Top stories

2024 Risk Index: Cyber Concerns Reach All-Time High

The 2024 Travelers Risk Index is here. Learn the latest risks to cybersecurity and how to mitigate them for your business.

More Prepare & Prevent

How Does Cyber Insurance Work?

What is cyber insurance coverage and how does it work? Get the answers and learn about the different types of cyber insurance coverage with Travelers.

Graphic of secure cybersecurity practices.

More Prepare & Prevent

What Is a Cyber Breach Coach and How Do I Get One?

As cyber breaches become increasingly complex, a new role has emerged to help organizations navigate their response and recovery.

Data breach coach on the phone.

More Prepare & Prevent

How Multifactor Authentication Can Help Protect Against Cyber Threats

Multifactor authentication (MFA) can help stop cyberattacks by requiring a second form of verification that can block most account-compromising attacks.

Young businesswoman sitting on a park bench, logging in to laptop while holding smartphone with a security key lock icon on the screen.