Cold Weather Safety

With the holidays fast approaching, conditions on the job and on the highway are becoming more dangerous now than at any other time of the year. As a security officer, working in cold conditions isn’t just uncomfortable; it can also be hazardous. Frostbite, numbness, dehydration, and hypothermia are real concerns for outdoor work. So, if you’re working outdoors this winter, be aware of the dangers and stay safe.

Here are some tips for cold weather safety: 

  1. Monitor weather conditions and keep up with the latest forecasts. 
  2. Stay hydrated! Dehydration causes headaches, dizziness, and fatigue. Eating foods that are high in fat and carbohydrates is also essential: your body uses these nutrients as energy to stay warm. 
  3. Always clear ice and snow off all walkways and entrance steps to buildings. 
  4. Use anti-slip materials like sand or salt to make walkways and parking lots less slippery. 
  5. Store shovels and gloves in areas known to all personnel. 
  6. Follow proper procedures in safe lifting and shoveling. 
  7. Dressing in layers is critical, as it not only keeps you warm but allows you to adjust to changing temperatures. Proper gloves, socks, and footwear are essential. In addition, keep your head and ears warm with the proper headwear. Please ask your manager if you need headwear.
  8. If you conduct roving patrols in cold weather, make sure to take a cold-weather kit. A cold-weather kit should include emergency blankets, candles, and matches. For example, a candle burning in a vehicle could provide enough warmth to ward off hypothermia for a period of time. If you need one of these for your roving vehicle, please contact your manager. 

So, you’re in the market for cybersecurity insurance? Well, not unlike currently being in the market for a used car, you are going to find your options to be less enticing and more expensive than in the past. You will likely find it much harder to drive off the lot happy with your purchase. 

Estimates are that cybercrime rose 600% during the COVID-19 pandemic. As organizations rushed to continue operations in the face of work-from-home mandates, they were often forced to increase the number of endpoint devices connected to their networks. This ballooned the size of networks and the potential attack surface for cybercriminals, and the criminals took advantage. Damages from cybercrime are expected to reach $6 trillion this year, says BlackFog. According to Sophos, 37% of all businesses and organizations were hit by ransomware in 2021.

Ransomware has certainly grabbed the headlines recently. High-profile attacks on Colonial Pipeline, JBS, and DC Police Department garnered national and international attention, and at least one of these attacks had people hoarding gas at the pump. Schools, municipalities, banks, hospitals, television networks, and any other type of organization you might dream up has been similarly forced to navigate the choppy waters of ransomware and the digital pirates behind the crimes. 

Cyber loss ratios have skyrocketed. By the estimates of Risk Placement Services, losses often far exceeded actuarial estimates, with loss ratios jumping from 44.8% in 2019 to 67.8% in 2020. Meanwhile, increased regulatory and reporting concerns and requirements have upped the stakes when it comes to a data breach, especially one involving personally identifiable information (PII).

All of this has caused considerable turmoil in the cybersecurity insurance market. Because the financial demands from cybercrime are mounting, the pool of carriers willing to take on the risk of paying such demands is dwindling. This is also driving up insurance rates for organizations, coupled with carriers imposing more stringent requirements for coverage.

Complicating all of this is the fact that the market for cyber insurance is growing. According to the RSM Middle Market Business Index 2021 Cybersecurity Special Report, 65% of respondents use a cyber insurance policy for protection against internet-based risks, a 3% increase from last year. Market forecasts expect the market to register a compound annual growth rate (CAGR) of 25.4%, growing from $4.52 billion in 2021 to $17.55 billion.

So where does this leave leaders, as we analyze the current state of the cybersecurity insurance market?

Fewer Providers/Less Coverage: The number of insurers carrying cyber insurance remains quite small, with 10 U.S. insurers accounting for 70% of the premiums written in the market, estimates AdvisorSmith. Many of these insurers rely on reinsurers to support claims. The cybersecurity reinsurer market is even more concentrated: four reinsurers account for more than 60% of premiums, according to Harvard Business Review. All of this suggests that increased risk for cyber insurers will reduce capacity and insurers’ willingness to provide coverage, or lead them to provide coverage only at a higher premium.

Higher Premiums: Standard & Poor’s estimates that cyber insurance rates will increase 20%-30% per year on average in the near future. This is due to increased claim frequency, the severity of claims, and the uncertainty of insuring cyber risk. An additional reason for higher premiums is that organizations are only beginning to take the digital threat to their data and bottom line seriously. Leaders, generally, are only starting to recognize that cybersecurity is not an IT line item but a critical piece of operations that can provide business value, because it builds trust between a business and its customers. As cyber incidents continue to rise, so too will premiums, as well as the requirements necessary to meet the minimum threshold for procuring cyber insurance.

More Detailed Underwriting Process: The underwriting process is going to become a lot more invasive for organizations hoping to obtain cyber insurance. Providers are going to want much more information about organizational cybersecurity practices. A process that used to take hours may now take days. Additionally, providers will want to ensure you are adhering to specific best practices such as multifactor authentication across the organization, regular backups, a patching program, and regular vulnerability scanning or periodic penetration testing. Extensive questionnaires once reserved for large organizations, resembling vendor security assessments or government RFPs, will trickle down into the upper-middle and middle-market segments, placing a greater burden on these organizations to adhere to more stringent cybersecurity practices in order to obtain coverage.

Here are ways that leaders can navigate an increasingly demanding arena:

Consult an Expert: Leaders should have an expert review their current cybersecurity insurance for any potential exclusions they may be unaware of, red flags that might exist, and ways they may be able to renegotiate for a better agreement. Additionally, all potential cybersecurity insurance policies should be inspected by an expert to ensure that the policy does not unfairly disadvantage the organization in favor of the carrier. While it is important to have a legal review of such a document to ensure the language and clauses adhere to organizational standards, it is also important to involve someone with technical expertise.

Practice Proactive Cybersecurity: In the past, organizations have been focused on reactive cybersecurity, that is, on how to respond to an event after it has occurred. Today, this is not going to cut it. Organizations must move to a proactive cybersecurity posture. It’s not if you will be impacted by a detrimental cyber incident, but when. Even if you have the strongest security in the world, you will be helpless when a vendor leaks your information. That’s why it is important to assume these incidents will occur and proactively prepare for them. One critical way to do this is to prepare incident response playbooks. Playbooks help your team stay cohesive when an event occurs. This way, everyone understands what they are responsible for, and everyone is working in tandem to achieve the same outcome. During an event, moments are critical. You don’t want to waste them bickering about how to respond. You want to have your response dictated beforehand so that everyone in the organization is rowing the boat in the same direction instead of looking for a life raft.

As our reliance on digital tools increases, so too will our risk from cybercrime. This will only make cyber insurance more necessary while also making it harder to get. Organizations will need to be proactive about improving their cybersecurity practices. This includes building digital event response playbooks, conducting periodic penetration testing and vulnerability scanning, implementing multifactor authentication, creating regular backups, and enabling audit logging. This is what organizations can do to prepare themselves for mounting security requirements for cyber insurance. It will also be necessary to be ever vigilant about inspecting insurance policies for clauses that might unfairly advantage the insurance carrier over you. This is where consulting someone who is an expert in both insurance and cybersecurity will be paramount.

Most cybersecurity breaches do not come from vulnerabilities in the network; they come from employees who make a mistake. TriCorps’ employees are on the front lines of keeping the company safe from a cyber breach. That is why it is critical for you to learn what a cyberattack looks like and take steps to protect yourself and TriCorps from these types of attacks. First, let’s take a brief look at the most common types of cyberattacks:

Phishing: We all get phishing emails, every day. Traditionally, what comes to mind might be an email from a Nigerian prince willing to give you massive sums of his vast fortune if you only wire him a small loan. They have gotten way more sophisticated. Phishing emails now regularly include company branding, as you can see in the example. The goal of these types of emails is to cast a wide net and see who will take the bait. Phishing emails are designed to trick you into clicking on a link, downloading an attachment, or entering information (such as a username or password). They are cheap to make and distribute. Phishing emails do not include personalization and are not addressed to the recipient specifically. They also can include misspellings or links to dodgy web pages.

Spear phishing: These emails are much more personalized than phishing emails, although the goals are similar. They are specifically addressed to the recipient. They may include information about the recipient gathered from the dark web, social media, and other websites, or gleaned from previous breaches. Spear phishing has become incredibly sophisticated. Attackers will craft emails that are spoofed to look like they are sent from someone the target knows and trusts, or from an organization the target regularly does business with (such as a bank or online retailer).

Business Email Compromise: This is a rising attack vector, one that is incredibly alarming. In it, an attacker sends an email to a target impersonating the target’s CEO and asking that person to quickly wire money on behalf of the organization. The victim fulfills the request and wires out the money to the attacker’s account. Once the money is wired, it is gone. The FBI estimates this type of attack has cost organizations billions of dollars. 

Ransomware: A spear-phishing email is sent. The target clicks on a link or downloads an attachment. Suddenly a screen appears alerting the target that their files have been locked down and can no longer be accessed unless the target sends the attacker a ransom, usually in cryptocurrency. The rising value of cryptocurrencies, such as bitcoin, has helped fuel this type of attack.

These are just a few of the more common attack methods employed by actors in cyberspace. Hopefully, you are beginning to see a rhythm. One of the main ways that bad guys gain access is through a user clicking on a link or downloading an attachment. Therefore, it is imperative that you think before you click. If you are clicking on anything that is sent to you in an email or downloading any attachments, take a moment and consider if this is something you should be doing.

Email Intimacy: When we talk about emails, we like to use the analogy of a date. When you view an email, it’s much like sitting across from someone at a restaurant. But open an attachment or click a link and it gets a little more intimate.

Viewing an email will not cause you any harm. But any time you go further by clicking or downloading, that’s when bad things can happen.

Guard Your Inbox: If you are sent an email, ensure that the sender is who they say they are. By adjusting a single letter (Amazon to Amaz0n), an attacker can spoof an email to make it appear to be a legitimate correspondence. If you’re not sure, pick up the phone. This is especially true if you’re asked to complete an action like clicking on a link, downloading an attachment, or entering credentials. If a company is asking you to reset your credentials, don’t do it from the email. Go to your web browser, navigate to their website, and change your information there. If a colleague asks you to complete an action, via email, and it feels strange, especially if it involves credentials or financial transactions, give them a call. Ensure the request is legitimate. It’s always better to be safe than sorry. Err on the side of caution.

Hover Before You Click: Before you click on a link, hover over it. A box will appear that will tell you where the link will take you. This way you can ensure that it is indeed taking you to the place it says it will take you. Do remember that attackers can spoof websites and email addresses by subtly changing letters to make the address seem like it is legitimate. Just be diligent.
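The two checks described above, a sender domain that differs from a trusted one by a swapped character (Amazon to Amaz0n) and a link whose visible text names one site while its target points somewhere else, can be automated in a mail gateway or awareness tool. The following is an added example written for this column, not TriCorps code or part of any product; the trusted-domain allowlist, the confusable-character table, and the sample message are all constructed for illustration.

```python
"""Lookalike sender-domain and link-mismatch checks for an inbound email.

Added example (hypothetical code, not TriCorps' own tooling). TRUSTED_DOMAINS,
CONFUSABLES and the sample message below are constructed for illustration.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist of domains this organization expects mail from.
TRUSTED_DOMAINS = {"amazon.com", "tricorps.example", "bank.example"}

# Digits attackers commonly substitute for visually similar letters.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t"})


def registrable(domain: str) -> str:
    """Last two labels of a host name (a real deployment would use a public-suffix list)."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def skeleton(domain: str) -> str:
    """Normalize a domain so that lookalikes collapse onto the name they imitate."""
    d = domain.lower().strip().translate(CONFUSABLES)
    return d.replace("rn", "m").replace("vv", "w")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch single-character typosquats (amazom.com)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender_domain(domain: str) -> str:
    """Return 'trusted', 'lookalike' (imitates a trusted domain) or 'unknown'."""
    d = domain.lower().strip().rstrip(".")
    if d in TRUSTED_DOMAINS or any(d.endswith("." + t) for t in TRUSTED_DOMAINS):
        return "trusted"
    sk = skeleton(registrable(d))
    for trusted in TRUSTED_DOMAINS:
        if sk == skeleton(trusted) or edit_distance(sk, skeleton(trusted)) <= 1:
            return "lookalike"
    return "unknown"


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from every <a> element in an HTML body."""

    def __init__(self) -> None:
        super().__init__()
        self.links: list[tuple[str, str]] = []
        self._href: str | None = None
        self._text: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url_or_text: str) -> str:
    s = url_or_text.strip()
    if "://" not in s:
        s = "http://" + s
    return (urlparse(s).hostname or "").lower()


def mismatched_links(html: str) -> list[tuple[str, str]]:
    """Links whose visible text looks like a URL but points at a different site."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        if re.fullmatch(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", text, re.I):
            if registrable(host_of(text)) != registrable(host_of(href)):
                flagged.append((text, href))
    return flagged


def scan_message(sender: str, html: str) -> dict:
    """Run both checks on one message and return the findings."""
    domain = sender.rsplit("@", 1)[-1]
    return {
        "sender_domain": domain.lower(),
        "sender_verdict": classify_sender_domain(domain),
        "mismatched_links": mismatched_links(html),
    }


# Constructed sample message: lookalike sender plus a link whose text hides its target.
SAMPLE_SENDER = "security@Amaz0n.com"
SAMPLE_HTML = ('<p>Your account needs attention.</p>'
               '<a href="http://amaz0n-login.example/reset">https://www.amazon.com/account</a>')

if __name__ == "__main__":
    print(scan_message(SAMPLE_SENDER, SAMPLE_HTML))
```

The skeleton step is what turns the "Amaz0n" trick into a string comparison: once digits are mapped back to the letters they imitate, the imposter domain collapses onto the trusted one. The link check only compares registrable domains, so a visible `amazon.com` pointing at `www.amazon.com` is not reported, while the same text pointing at another host is. Anything the checks flag is a reason to pick up the phone, exactly as the column advises; they do not replace that call.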

Now we have to talk about passwords. If you’re like me, you hate passwords. We all do. They’re impossible to remember. It seems like everywhere you turn, you have to create a new password. One day, hopefully, we won’t need them anymore, but, for now, we are stuck with them. So, a couple of things about passwords.

Don’t Reuse Passwords: Never reuse passwords on multiple websites. Use a different password for each site. This is because if a password is compromised on one website, everywhere else that password is used is vulnerable.

Length and Complexity: You want to use complex passwords that are long (at least ten characters) and feature a combination of letters, numbers, and characters. The less complex the password, the easier it is to guess by a password cracker.

Consider a Password Manager: We all have too many passwords to manage mentally. We can’t juggle that much. Storing them in a plain file on a device is dangerous, because if that device is compromised, so too are the passwords. Writing them down and stuffing them in a desk drawer may solve the problem of a cybercriminal gaining access, but it won’t stop a rogue colleague or wily janitor from scoring a mother lode. A password manager can help safely store passwords. But make sure the password to your password manager is airtight.

Multifactor Authentication: Always, always use multifactor authentication. The most common example is when a website sends a PIN to your phone before allowing you access to your account. Each authentication factor is another barrier to attackers. The more barriers you create, the less likely you are to be breached.

Update Your Software and Devices: Patch your software. Most software makes updating an effortless process now. We are all busy, and we avoid patching because it requires us to go without our software or devices for a brief period. Patches fix software vulnerabilities. When a company announces a patch, it starts a clock for attackers. Until you patch, attackers know exactly which vulnerability they can use to attack your device or software. It’s wide open until you patch. So, patch: do the update, grab a cup of coffee, and bother your colleagues about your weekend plans. When you get back, your device will be much more secure.

That leads me to another important precaution. When you step away from your device, always lock the screen. Even if you are running to the break room for a cup of coffee or to ask a colleague a question, lock your screen. It only takes a moment for the right person to compromise you and the organization.

Don’t Overshare Online: We all like to share on social websites like Facebook, Instagram, and Twitter. But the information you share can be used to craft a targeted spear-phishing email. It can be used to guess your security questions on important websites like your banking website. This information can also be used to physically harm you or your loved ones. Some things to be wary of sharing:

  • Your physical location
  • Your work (especially in our line of work – security)
  • The devices and software you use
  • Details about your daily life
  • Details of your friends and family
  • Details about your purchases

You may want to consider making your social accounts private, so only those who you’ve accepted as friends can see your posts, leaving the rest of the world to wonder what you’re up to these days. We need you. TriCorps is under constant attack from cybercriminals who want to do our organization harm. We cannot keep TriCorps secure without your diligence. Please follow the advice contained in this column, and let’s be careful out there.