It’s that time that I fill out the annual cyber insurance policy application. Each year it gives me an insight into what insurance vendors are using to rate the risks and threats to our business and what they are stressing I should have as best practices. Not having them in place could affect insurance rates and whether I qualify for cyber insurance at all.
This year was interesting because it asked for specific ransomware prevention techniques and protections. Here are the questions that stood out.
Is two-factor authentication in place?
My insurance vendor asked if I had two factor authentication (2FA) in place protecting remote network access. They are reacting to the reality that both virtual private networks (VPNs) and Remote Desktop Protocol (RDP) provide effective access for attackers as well as users. We sometimes leave behind remote access to get into physical and virtual servers, but attackers target these remote access tools to gain network access.
More Stories
Friday Squid Blogging: Squid Game Season Two Teaser
The teaser for Squid Game Season Two dropped. Blog moderation policy. Read More
Clever Social Engineering Attack Using Captchas
This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually...
US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities
In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and...
Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable
A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack...
Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions
The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold Read...
This Windows PowerShell Phish Has Scary Potential
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who...