Cyber Subjectivities: Must Haves
Staffing firms are a vulnerable target for cyber breaches due to the number of employees in their database and the type of information on file, including addresses, SS#, bank information, Date of Birth, etc. As such, we have seen pricing increased exponentially, limits decreased, deductibles increased, as well as more subjectivities to bind coverages.
Carriers are no longer allowing staffing firms have relaxed cyber securities. With most businesses allowing more remote workers, carriers are requiring these eight cyber risk management tools mandatory in order to bind coverage:
Multi-Factor Authentication (MFA)
A method that requires the user to provide two or more verification factors to gain access to a resource, application, on-line account, or VPN.
Managed Detection and Response (MDR)
This is designed to cover the total network environment to include 24/7 Security Operation Center monitoring and scanning for open reports.
Employee Training
Training includes fake phishing attacks, webinars for employees to watch, and email reminders for best practices.
Secured Backups and Recovery
Employers need to have current backups that are in a separate, secured location that requires MFA for access and a disaster recovery plan so if an attack occurs, the downtime in minimal.
Regular Updates and Patches
Patches are software and operation systems updates that address security vulnerabilities within a program or product.
Tested Incident Response Plan
You company has tested procedures to ensure you plan is successful should a cyber- attack occur.
End of Life Software Removal
Software applications that are no longer needed, used, or supported are some of the most common vulnerabilities for employers. You have a process in place to remove them from your network and endpoints as soon as they are no longer needed.
End point Detection & Response (EDR)
EDR tools are technology platforms that can alert security teams of malicious activity and enable fast investigation and containment attacks on endpoints.
Most carriers have resources and or vendors that insurers can partner with to implement some of these important items. Marsh McLennan Agency also has resources to test employer’s technology systems to know where vulnerabilities lie and how to properly address them.
To learn more about providing cyber risk management to your company, contact an MMA representative today.
Related Resources
Related Pages
ABOUT THE AUTHOR
Scott Ravanesi
Scott Ravanesi is a Risk Management Consultant at Assurance who focuses primarily on the staffing industry. He’s dedicated to providing clients with long-term risk management strategies that support a healthy company culture and deliver measurable results. Scott’s prompt response time, ethical approach and willingness to go the extra mile helps staffing agencies minimize risk and maximize the health of their organization. Scott earned his Bachelor of Science degree in Business Marketing/Management and completed a one year federated insurance program at Southern Illinois University in Carbondale.
