Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Meeting Backup Requirements for Cyber Insurance Coverage

Many companies wrongly assume that having backups in the cloud can prevent or reduce the impacts of a ransomware attack

Many companies wrongly assume that having backups in the cloud can prevent or reduce the impacts of a ransomware attack

The prevalence of ransomware has had a devastating impact on businesses over the past few years, with insurance underwriters seeing increasingly large ransomware payouts. As a result, some core cyber security hygiene fundamentals are being required by insurers to qualify for coverage. 

For example, secure cloud backup has become a hard and fast requirement. Most cyber insurance providers are demanding that companies supply proof of their backup implementation in order to obtain an affordable policy.  Furthermore, there are some additional capabilities that must now be implemented with cloud backups in order to pass the underwriting process. These include malware scanning, encryption, segmentation and multi-factor authentication.

Many companies wrongly assume that having backups in the cloud can prevent or reduce the impacts of a ransomware attack. In fact, a recent survey conducted by Ermetic into the security posture of AWS environments and their vulnerability to ransomware attacks found that in every single account tested, nearly all of an organization’s S3 buckets were vulnerable to ransomware. 

As a result, insurers do not consider all backup scenarios as acceptable. Underwriters often require that a company’s most sensitive applications be offline, immutable, and clearly catalogued through audit.  The use of data has become an essential force multiplier for businesses, but data exposure in turn creates tremendous risks. Whether it is a data lake, business intelligence data warehouse, customer information, or security telemetry, it is essential that organizations protect these crown jewels in a highly secure environment.  

[ Read: Improving Security Posture to Lower Insurance Premiums ]

Several techniques can be implemented to ensure the security and resiliency of backup architectures.  One is file change management, also known as File Integrity Management (FIM), which ensures that you are monitoring any changes to the backup environment. FIM can identify any modifications made to a cloud storage solution and generate alerts so administrators can investigate whether they are malicious or not.  

Another key technique is conducting a comprehensive audit of all cloud storage components and associated applications to ensure recovery processes will function as expected in the event of a breach. Organizations must know where all critical data is stored and abide by the privacy laws of the jurisdiction where that data resides.  

Advertisement. Scroll to continue reading.

Employing a strategy of change management and comprehensive visibility will provide organizations easier access to cyber security insurance coverage at more favorable rates. To ensure they maintain the highest level of financial protection in the event of a breach or ransomware attack, companies must continue to extend these measures as new data and applications come online, and their attack surface grows. 

Related: Cyber Insurance Market to Top $14 Billion by 2022: Report

Related: Plugging the Discrepancy Between Cyber Insurance Coverage and Actual Risk

Related: Cyber Insurance Firm At-Bay Raises $185 Million at $1.35 Billion Valuation

 

Related: The Case for Cyber Insurance

Written By

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...