Advice for improving cyber security

Insurance can only ever be one part of the toolkit of preventative measures, and as cyber threats continue to develop it is crucial that businesses also take steps to put in place strong cyber security. There are a number of steps businesses can take to improve their cyber security and make accessing cyber insurance easier:

Install and regularly update and patch anti-virus and firewall software

You can set up regular, automatic scans. Do not rely on older, out-of-date products for the most critical applications and data access. It is important to update and patch regularly, as not doing so may impact your cover..

Raise awareness of and educate employees about cyber security

Provide training at all levels on how to identify common threats such as malware or phishing emails, and what to do if they encounter these. Also focus on the importance of cyber security.

Have a clear password policy and make signing in more complex

Set a strong password, using random words, mixed case letters, numbers and special characters, and not reusing the same password multiple times. Use a multi-factor or two-step authentication process.

Regularly perform back-ups of critical systems and files

There should be a clear back-up strategy with back-ups being offline, protected and tested for restore capability.

Protect your data

Encrypt any confidential data and limit the collection of personal/financial data to only what is necessary. Don’t give blanket access to all users, in particular, limit “local administrative privileges” to only users who truly need it.

Create an Incident Response Plan

This ensures that, in the case of an attack, you will have a timely and appropriate response. Without this, incidents can be much more severe. The Response Plan should be regularly tested and include how your business would respond to common cyber threats, such as ransomware.