How to improve security controls for a new era of cyber insurance

Our Identity Business Manager, Melissa Hardcastle explores the recent changes in cyber insurance, how they impact your organisation, and how to strengthen your cyber security strategy in response to the ever-evolving threat landscape.

Why is cyber insurance changing? 

The ever-changing cyber landscape combined with hybrid working has led to a rapid growth in cyber crime and external cyber threats, particularly ransomware.

In 2021, cyber attacks increased by 50% compared with 2020, a surge that most organisations hadn’t anticipated. The cost of cyber crime in escalating and ransomware is now the cause of 75% of all insurance claims, up from 55% in 2016.

Key points

+ Cyber insurance has always been a reliable safety net, but things are changing fast and insurance brokers are tightening security requirements. This means that organisations need to now implement stricter security controls than before, deploying multi-factor authentication and a least-privilege strategy.

+ High demand for pay outs is driving up insurance costs and altering the products offered by cyber insurance companies, including the scope of what they will and won’t cover. Some companies, such as AXA made an announcement in August 2021 that it would no longer pay ransom demands for future policy holders.


Before committing to a new or existing policy, be aware of what the changes look like and which types of attacks your cyber insurance policy will and won’t pay out for. 

Read more about the changing face of cyber insurance

The new cyber security controls you need to implement 

Cyber insurance companies now look for common security controls, such as:

  • Administrative privileges
  • Access management
  • Employee behaviour monitoring
  • Network segmentation
  • Malware defence


Key steps to meet the new cyber insurance requirements 

  1. Implement password management and automation: avoid storing credentials on Excel spreadsheets or in Word documents and relying on encryption to keep them secure
  2. Limit privileged access: implement a Privileged Remote Access tool to grant just-in-time access, for limited time periods compliance
  3. Protect privileged accounts: deploy a Privileged Access Management (PAM) tool to manage privileged account access, including credential rotation, session monitoring, and auditing capabilities
  4. Deploy multi-factor authentication: this allows you to security check access before granting it to confirm identities
  5. Education and training: your employees are the most likely way a cyber criminal will find their way into your systems. Implement regular training to make employees aware of how to spot a social engineering or phishing attack


How to plan for a cyber incident 

You can deploy every security tool available and always follow best practice, but as the threat landscape evolves, so do cyber criminals’ techniques. With cyber incidents, it’s always a case of ‘when’ rather than ‘if’ one will happen.

It’s important to create and implement a cyber security incident response plan (CSIRP) before a threat is detected. This approach will protect your organisation against the impacts of cyber attacks with a quick and effective reaction.

A basic incident response plan includes:

  • A list of key contacts
  • Escalation criteria
  • A flowchart or process map
  • At least one conference number

These plans should be created with a good understanding of the different roles within your organisation and include your business continuity and disaster recovery plans for each area, ensuring complete coverage and collaboration across all departments.

Follow our best practice advice to help prevent a security breach


How do you ensure rapid support in the event of an incident? 

Cyber security incidents require careful preparation, rapid response, and critical asset protection. Incident response retainers support organisations to get back to business as usual following a security incident. By deploying their own technologies to your environment, they also apply their frontline expertise to transform your cyber defence capabilities, mitigate threats, and reduce business risk – before, during, and after an incident or breach.


Talk to us about tightening your cyber security controls 

Our cyber security specialists will identify how strong your cyber security strategy is, identify weak spots, and spot opportunities to implement tougher cyber security controls.

Chat to us now
Melissa Hardcastle
Melissa Hardcastle

Melissa is Phoenix's in-house Identity Business Manager. Having spent over two years advising our public sector clients on all aspects of security solutions, Melissa has experience working with some of the leading security solutions on the market today. She continues to advise our customers about how Phoenix helps solve security challenges including identity, SOC, SIEM, and incident response.

See all posts by Melissa Hardcastle