How’s Your Cyber Hygiene?

Brett Findlay, Vice President, Business Risk Specialist 

Dennis Ast, Senior Account Executive, Cyber Risk Specialist

Recently, there have been multiple instances of cyber-attacks in the news – Colonial Pipeline, JBS, CNA Insurance, and Kaseya, to name a few – and yet, many attacks of this nature do not get reported.  It is important to remember regardless of the type of organization you own or work for, all are at risk of cybercrime.

This recent increase in cyber-attacks has had a dramatic impact on the cyber insurance marketplace. Gone are the days when cyber insurance could be quoted and bound with minimal information – cyber underwriters are now requiring a full application and ransomware supplemental, as well as the completion of a cyber assessment on new placements and renewals. Organizations that have developed good cyber hygiene and resiliency can obtain the best coverages and limits. Organizations that have poor controls in place are finding it more difficult to obtain proper coverages and limits and some are being declined by most, if not all, cyber carriers.

Cyber carriers are looking for businesses to have multi-factor authentication (MFA), endpoint detection and response (EDR), and backups, as well as securing all remote access. Developing and implementing a proper cybersecurity program can take many months. One cyber carrier, Coalition, has developed a cybersecurity checklist to assist businesses in protecting themselves from a cyber incident. Utilizing Coalition’s cybersecurity checklist will help businesses understand which controls cyber carriers are looking for, while also helping organizations protect themselves from a cyber-attack.

Below is a list of quick tips from Coalition to keep your business safe from cyber-attacks:

  1. Increase email security.
  2. Implement Multi-Factor Authentication (MFA).
  3. Maintain full data backups.
  4. Enable secure remote access.
  5. Update your software regularly.
  6. Use a password manager.
  7. Scan for malicious software.
  8. Encrypt your data.
  9. Set up a security awareness training program.
  10. Purchase cyber insurance.

Our experts would encourage you to take some time to review the current status of your cybersecurity program and find where improvements can be made. In doing so, you will not only refine your underwriting profile for cyber carriers, but you will also minimize the impact of a potential cyber event on your organization.

For more information please contact Dennis Ast, Senior Account Executive, Cyber Risk Specialist at (716) 572-2410 or

This content is for informational purposes only and not for the purpose of providing professional, financial, medical or legal advice. You should contact your licensed professional to obtain advice with respect to any particular issue or problem. Please refer to your policy contract for any specific information or questions on applicability of coverage.

Please note coverage cannot be bound or a claim reported without written acknowledgment from a OneGroup Representative.