This is Why You Should Double Check Your Cyber Insurance Policy


Whether a business is in healthcare, accounting, legal, real estate, manufacturing, etc., most of a business’ important assets are digital. (Government municipalities are included too.) To make matters complicated, it’s very common for these digital assets to be stored in various systems and locations, intertwined with a third party’s digital information. With so many opportunities for disaster, steps must be taken to insure this critical information.

Cyber insurance is a new frontier that is rapidly evolving as the industry gets its bearings. Many companies are finding that their current cyber policies have very minimal coverage in case of a cyber breach, and the majority of these policies will not come close to providing the necessary breach coverages to the business or municipality.

When looking at your existing or new cyber policy, it’s important to consider these types of coverages:


As we have come to realize, the idea that security starts and ends with the purchase of a pre-packed firewall is simply misguided

Art Wittman

1. Privacy Breach Notification

Some reports estimate the notification and credit monitoring costs alone are over $100 per record, so if you had 1,000 compromised records, this alone could cost $100,000 or more.

2. Data Loss Restoration

Believe it or not, many large insurance carriers have policy exclusions for the replacement and restoration of data, so be very careful in this area when reviewing your policy.

3. Privacy Liability

This covers the theft or loss of private information related to customers and other third-party information that is in your care.

4. Regulatory and PCI Defense

Many industries are under strict regulatory control, and breaches may result in fines and other penalties from these regulatory agencies.

5. Public Relations

If an enterprise has a breach, the bad press it receives can do significant long-term reputational damage and can also be used by competitors to their advantage. This coverage will help hire a public relations firm to mitigate the reputational damage your brand might incur.

6. Cyber Crime

If your organization is threatened with various cyber threats such as malicious code that will result in financial loss or data loss, this coverage is needed for the reimbursement of the costs associated with these threats.

7. Defense and Settlement costs

A breach affecting a lot of customers may result in lawsuits and financial settlements, so insurance coverage is needed to offset these potentially enormous costs.

8. Consulting and Forensic Fees

If a breach does occur, the upfront investigative process will require a lot of professional expertise and a lot of money, and this specific coverage will offset these significant costs.

9. Business Continuity

If a hack causes your business to lose income, this coverage will reimburse you for these losses.

It takes 20 years to build a brand or company reputation and a few minutes within a cyber incident to ruin it

Stephane Nappo

For a free cyber insurance policy evaluation, contact Libertate Insurance today at 813-367-7574 or email me, James Buscarini at jbuscarini@libertateins.com.

Our professionals are happy to review and discuss your firm’s existing cyber liability insurance policy and how it relates to your unique business requirements, needs and cyber coverage. Our goal is to help your PEO and client companies navigate the cyber liability insurance landscape and identify potential vulnerabilities that could be exposed based on your existing technology network and infrastructure. Finally, we want to make sure that in the event of a ransomware attack, business email compromise or phishing expedition, your firm has adequate coverage in each of the areas in which you might be targeted.

EEO-1 Deadline For 2019 & 2020 Now Extended to August 23, 2021

Employers now have some extra time to submit equal employment opportunity (EEO-1) workforce data from 2019 and 2020, the U.S. Equal Employment Opportunity Commission (EEOC) announced on June 28, 2021. These reports were previously due by July 19, 2021. Employers now have until Aug. 23, 2021, to complete their submissions.

The EEOC’s collection of this data, the portal for which opened on April 26, 2021, had been delayed numerous other times due to the coronavirus pandemic. Under Title VII of the Civil Rights Act, the EEO-1 Report is usually due by March 31 every year.

EEO-1 Reporting Background

The EEO-1 Report is an annual survey that requires certain employers to submit data about their workforces by race or ethnicity, gender and job category. The EEOC uses this data to enforce federal anti-discrimination laws.

Employers Subject to EEO-1 Reporting

In general, a private-sector employer is subject to EEO-1 reporting if it:

  • Has 100 or more employees;
  • Has 15-99 employees and is part of a group of employers with 100 or more employees; or
  • Is a federal contractor with 50 or more employees and a contract of $50,000 or more.

Employers that are subject to EEO-1 reporting now have until Aug. 23, 2021, to submit data from 2019 and 2020.

Employer Action Items

Employers subject to EEO-1 reporting requirements should ensure that they complete their EEO-1 submissions by Aug. 23, 2021. These employers should also review the EEOC’s home page and website dedicated to EEO data collections for additional information.

Important Dates

  • July 19, 2021: Prior deadline for submission of 2019 and 2020 workforce data.
  • Aug. 23, 2021: New deadline for employers subject to EEO-1 reporting to submit 2019 and 2020 workforce data.
  • March 31, 2022: Deadline for submission of EEO-1 data from 2021.

CYBER RISKS & LIABILITIES – Penetration Testing Explained


Keeping workplace technology up and running is vital to any organization’s success. While this task seems feasible, it’s growing harder and harder each year as cybercriminals expand their reach.  It’s not enough to simply protect workplace technology with software and security protocols. It’s also critical for your organization to test the overall effectiveness of these protocols on a regular basis. That’s where penetration testing can help.

Essentially, penetration testing consists of an IT professional mimicking the actions of a malicious cybercriminal to determine whether an organization’s workplace technology possesses any vulnerabilities and can withstand their attack efforts. Conducting a penetration test can help your organization review the effectiveness of workplace cybersecurity measures, identify the most likely avenues for a cyberattack and better understand potential weaknesses.

Review this guidance to learn more about what penetration testing is, the benefits of such testing and best practices for carrying out a successful test within your organization.

What Is Penetration Testing?


Put simply, penetration testing refers to the simulation of an actual cyberattack to analyze an organization’s cybersecurity strengths and weaknesses. This testing usually targets a specific type of workplace technology, such as the organization’s network(s), website, applications, software, security systems or physical assets (e.g., computers and smart devices). Penetration testing can leverage various attack methods, including malware, social engineering, password cracking and network hacking, among others. Generally speaking, penetration testing is often performed by a professional from a contracted IT firm who is not associated with the organization being assessed in any way. This helps the cyberattack simulation seem as authentic as possible. Penetration testing is typically either external or internal in nature. The primary differences between these forms of testing are as follows:

  • External penetration testing requires the IT expert to attack an organization’s external-facing workplace technology from an outside perspective. In most cases, the IT professional won’t even be permitted to enter the organization’s physical establishment during external penetration testing. Rather, they must execute the cyberattack remotely—often from a vehicle or building nearby—to imitate the methods of an actual cybercriminal.
  • Internal penetration testing allows the IT expert to attack an organization’s internal-facing workplace technology from an inside perspective. This form of testing can help the organization understand the amount of damage that an aggrieved employee could potentially inflict through a cyberattack. 

In addition to these testing formats, there are also two distinct types of penetration tests. How much information an organization provides the IT professional prior to the cyberattack simulation will determine the penetration test type. Specifically:

  • An open-box test occurs when the IT expert is given some details regarding the organization’s workplace technology or cybersecurity protocols before launching the attack.
  • A closed-box test occurs when the IT expert is provided with no details other than the organization’s name before conducting the attack.

Ultimately, the penetration testing format and type should be selected based on the particular workplace technology elements or cybersecurity measures that an organization is looking to evaluate.


Benefits of Penetration Testing

Penetration testing can offer numerous advantages to your organization, including:

  • Improved cybersecurity evaluations—By simulating realistic cyberattack situations, penetration testing can help your organization more accurately evaluate its varying security strengths and weaknesses, as well as reveal the true costs of any security concerns.
  • Greater detection of potential vulnerabilities—If any of your workplace technology or other cybersecurity protocols fail during a penetration test, you will have a clearer picture of where your organization is most vulnerable. You can then use this information to rectify any security gaps or invest further in certain cyber initiatives.
  • Increased compliance capabilities—In some sectors, organizations are legally required to engage in penetration testing. For example, the Payment Card Industry Data Security Standard calls for organizations that accept or process payment transactions to execute routine penetration tests. As such, conducting these tests may help your organization remain compliant and uphold sector-specific expectations.
  • Bolstered cybersecurity awareness—Mimicking real-life cyberattack circumstances will highlight the value of having effective prevention measures in place for your employees, thus encouraging them to prioritize workplace cybersecurity protocols.

Penetration Testing Best Practices

Consider these top tips for executing a successful penetration test within your organization:

  • Establish goals. It’s crucial for you to decide what your organization’s goals are regarding the penetration test. In particular, be sure to ask:
      • What is my organization looking to gain or better understand from penetration testing?
      • Which cybersecurity threats and trends are currently most prevalent within my organization or industry? How can these threats and trends be applied to the penetration test?
      • What specific workplace technology elements or cybersecurity protocols will the penetration test target?
  • Select a trusted IT professional. Consult an experienced IT expert to assist your organization with the penetration test. Make sure to share your organization’s goals with the IT professional to help them understand how to best execute the test.
  • Have a plan. Before beginning the penetration test, work with the IT expert to create an appropriate plan. This plan should outline:
      • The general testing timeframe
      • Who will be made aware of the test
      • The test type and format
      • Which regulatory requirements (if any) must be satisfied through the test
      • The boundaries of the test (e.g., which cyberattack simulations can be utilized and what workplace technology can be targeted)
  • Document and review the results. Take detailed notes as the penetration test occurs and review test results with the IT expert. Look closely at which cybersecurity tactics were successful during the attack simulation and which measures fell short, as well as the consequences of these shortcomings. Ask the IT professional for suggestions on how to rectify security gaps properly.
  • Make changes as needed. Based on penetration test results, make any necessary adjustments to workplace technology or cybersecurity protocols. This may entail updating security software or revising workplace policies.
  • Follow a schedule. Conduct penetration testing at least once every year, as well as after implementing any new workplace technology.

If you are a Risk Manager or Principal of a PEO and want to learn how you could help protect your client company’s interests through our affordable Master Cyber Liability program, email James Buscarini, FL License #A036520, at jbuscarini@libertateins.com to find out more. The Master Cyber program is written through Axis, an A-rated carrier, with 250K in coverage, no underwriting, and a revenue generator!

Preventing Turnover Post-pandemic

The wake of COVID-19 leaves in its path a tattered and disheveled global supply chain in nearly every industry sector imaginable.  Everything from high end computer processors to basic building supplies like lumber to commodities as fundamental as toilet paper have been impacted.  As the vaccinated slowly begin to emerge and life resumes, a new supply chain shortage emerges – that of human capital. 

The need for a capable and willing workforce is evident in every corner of commerce. One impactful way for an employer to address this need is to retain the employees they already have.  To this end, I share with you the following HR Insights article published by Zywave on Preventing Turnover Post-pandemic. 

A pdf of the article can be downloaded by clicking here. 

Preventing Turnover Post-pandemic

The COVID-19 pandemic is finally getting under control. As more Americans get vaccinated, states are gradually lifting restrictions, and life is returning to pre-pandemic normalcy. Finally, individuals can get to the tasks they’ve been postponing for more than a year. Unfortunately for employers looking to retain employees, some employees are now ready to find new jobs.

Current Job Market Outlook

Turnover is a common occurrence throughout any given year. However, during the COVID-19 pandemic, year-over-year turnover trends drastically reduced. Workers instead clung to their jobs as a way to maintain financial security, having seen countless others get furloughed or laid off.

Now, as the economy opens back up, employers are pushing for employees to return to the workplace. But, a significant number of employees are unwilling to return to the status quo that was established pre-pandemic.

Instead, they are taking stock of their current positions and contemplating what they truly want out of their jobs. For some, the most direct path toward their goals is to find a new employer.

That’s why experts are predicting a “turnover tsunami” coming in the latter half of 2021; all the turnover that would typically take place in a given year is expected to come virtually all at once.

What Employees Want Post-pandemic

Each organization is unique, and its employees may have varying opinions about what’s most important to them. However, workplace survey data from the past year illuminates some commonalities between worker desires across industries. The following are some of the most coveted changes workers are looking for post-pandemic.

Remote or Hybrid Work Models

Many employees were forced to work from home at the start of the pandemic. As businesses reopen, employees are reluctant to return now that they’ve tasted greater flexibility and autonomy.

In fact, 47% of employees said they would leave their current jobs if their employers forced them back into the workplace, according to an Envoy survey. Additionally, 41% of employees said they would take a job with a slight salary cut if it meant having a hybrid work model (working some days in the office, others from home).

Given this and other data from countless surveys conducted in the past year, it’s apparent that employees want at least some remote work opportunities. And they are willing to leave their current employers to get it.

While remote or hybrid work is perhaps the most desired workplace perk at the moment, it’s not all that employees want.

Protection From Burnout

The COVID-19 pandemic has left many employees feeling burned out and overworked. According to an Indeed survey, 52% of employees are experiencing burnout, and 67% say burnout has increased during the pandemic.

Worse yet, now that businesses are reopening in full force, employee workloads are likely to increase rather than reduce. This increase is spurring employees to lobby for greater mental health benefits, time off and other resources for reducing stress levels.

Greater Compensation

Compensation has been an employee motivator well before the COVID-19 pandemic, but it’s particularly salient now. Across the country, the most recent example of this has been among fast food and retail workers. These segments have been working throughout the pandemic amid strict constraints, reduced staffing and elevated dangers.

Now, many industry workers are demanding better pay and benefits as compensation for their continued efforts—even walking out or quitting when their efforts are disregarded. In fact, 35% of surveyed employees said they would leave their current jobs for better compensation and benefits, according to an Achievers Workforce Institute report.

Turnover Prevention Considerations for Employers

At this point, it’s clear that a significant number of employees are feeling restless in their current roles. According to that same Achievers Workforce Institute report, only 21% of employees feel very engaged at work. Additionally, nearly half of respondents (46%) said they feel less connected to their workplace now than at the start of the COVID-19 pandemic.

To combat these trends and avert a “turnover tsunami,” employers will need to look inward toward their unique employee populations. This inquiry may include directly asking employees about their current mindsets (i.e., whether they’re considering quitting) and what concessions would make them stay with the organization.

Generally, employers can also consider implementing some of the changes employees are looking for, such as:

  • Providing remote or hybrid working arrangements
  • Expanding employee assistance programs to help with mental health and burnout
  • Increasing compensation or bonuses
  • Having managers meet more frequently with employees about engagement levels and ways to improve them

While these methods may be sufficient for the majority of workplaces, they are not silver bullets. Even higher compensation may not be enough to prevent turnover if other problems exist. That’s why employers should consider surveying employees about their individual opinions. Doing so can help identify unforeseen opportunities and potentially give employers ideas for improving retention without breaking the bank.

Reach out to Libertate Insurance Services, LLC for additional retention strategies.

This HR Insights is not intended to be exhaustive nor should any discussion or opinions be construed as professional advice. © 2021 Zywave, Inc. All rights reserved.

Ransomware Payments Average up 43%

An oft-overused quote by me is “I skate to where the puck is going, not where it has been” (Wayne Gretzky). Like hockey, cyber security is fast-paced, violent and can leave one pretty roughed up if not aware. Blood spills, and in this game, the refs are non-existent. These facts are borne out below by the piece from our friends at Carrier Management, reproduced in its entirety.

  • Average payment for ransomware attacks up 43% ($154,108 v $220,298). Any holiday cheer in Q4 2020 went out the window in Q1 2021 and limits should be reviewed accordingly.
  • Median payments on claims up 58% ($73,398 v $49,450)
  • Average downtime due to ransomware in Q3 2019 – 12 days and in Q3 2020 – 19 days; pay attention to the oft-neglected “Business Interruption Worksheet” to set proper limits and deductibles based on your specific exposure if down.
  • The biggest change over the six quarters ending Q3 2020 was that threat actors had come to “realize that their tactics scale to much larger enterprises without much of an increase in their own operating costs.” In other words, “the profit margins are extremely high, and the risk is low.” Larger companies are more lucrative targets and usually cost the same/have the same risks to breach. Be even more concerned with size and ability to pay the ransom. They know what you can spend as they have all your files.
  • Plan your risk management strategy yesterday and your renewal today. Do not wait until your normal cyber anniversary date to understand your exposures and address them prior to your renewal. The cost to address concerns will probably be paid for just in the reduction of premium to mitigate threats.

…keep your head on a swivel on this front. Barriers to entry for the bad folks are low, rewards are high and prosecution is very tough due to the anonymity and global nature of the crime.

I look forward to visiting the “City of Lightning” for the next few days for the NAPEO CFO Conference and hope to see you there!

The Ransomware Epidemic by the Numbers

June 21, 2021

During a session of the Casualty Actuarial Society Seminar on Reinsurance in June, Alexander Podmore, AVP and cyber underwriter for Swiss Re, defined a growing problem for cyber insurers—ransomware—and shared some data to underscore just how bad things are getting.

Ransomware is a form of malware that enters an insured’s network causing an encryption of data and systems, rendering them unusable until the victim restores their data and systems from backups, and incurs the relevant business interruption costs, or the victim pays a ransom demand to the hacker to provide safe return of the encryption key to restore access to the data and systems.

Citing figures from the latest quarterly report of Coveware, a firm that helps businesses remediate ransomware, Podmore noted that the average ransom payment in first-quarter 2021 was just shy of $250,000, having risen from “the low hundreds of dollars” in third-quarter 2018. In the space of two years, there has been an exponential increase, he said.

Below are some other figures and highlights from recent Coveware reports.

  • After a temporary decline in fourth-quarter 2020, the average ransom payment increased 43 percent to $220,298 in Q1 2021 (from $154,108 in Q4 2020). Compared to the Q1 2020 quarter a year earlier, the Q1 2021 average payment has almost doubled.
  • Q1 2021 averages were pulled up by a raft of data exfiltration attacks by one specific group.
  • The median payment in Q1 jumped to $78,398 from $49,450, a 58 percent increase.
  • Temporary declines in average and median payouts in Q3 2020, according to Coveware, were the result of the fact that while ransomware groups continued to leverage data exfiltration as a tactic, the trust that stolen data would be deleted was eroding. Exfiltrated data continued to be made public despite victims paying ransom.
  • In Q4 2020, email phishing overtook RDP compromises as the dominant attack vector for the first quarter since Coveware had been tracking data. In Q1 2021, RDP compromise was predominant again, but the gap between the two types of compromises was smaller than in past years.
  • Incident duration expanded slightly in Q1 2021 to an average of 23 days. The downtime measure has been creeping up, with prior reports showing 21 days in Q4 2020, 19 days in Q3 2020.
  • In Q4 of 2019, average downtime increased to 16 days from 12 days in Q3 2019. Coveware said the increase in downtime was driven by a higher prevalence of attacks against larger enterprises, who often spend weeks fully remediating and restoring their systems.
  • Commenting on the highest level reported in recent quarters, in Q3 2020, Coveware said that “attackers discovered that the same tactics, techniques and procedures that work on a 500-person company can work on a 50,000-person company, and the potential payoff is substantially higher.”
  • The biggest change over the six quarters ending Q3 2020 was that threat actors had come to “realize that their tactics scale to much larger enterprises without much of an increase in their own operating costs.” In other words, “the profit margins are extremely high, and the risk is low,” the Q3 2020 report said.

Sources: Quarterly reports from https://www.coveware.com/

Q1 2021: Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound

Q4 2020: Ransomware Payments Decline in Q4 2020

Q3 2020: Q3 Ransomware Demands Rise: Maze Sunsets & Ryuk Returns

Q2 2020: Ransomware Attacks Split Between Enterprise & RaaS

Q1 2020: Ransomware Payments Up 33% in Q1 2020

Q4 2019: Ransomware Costs Double in Q4 as Ryuk Sodinokibi Proliferate

(Coveware: Ransomware Recovery First Responders)

In several of the quarterly reports, Coveware notes that although victims may decide there are valid reasons to pay to prevent the public sharing of stolen data, Coveware’s policy is to advise victims of data exfiltration extortion to expect that even if they opt to pay:

  • The data will not be credibly deleted. Victims should assume it will be traded to other threat actors, sold or held for a second/future extortion attempt.
  • Stolen data custody was held by multiple parties and not secured. Even if the threat actor deletes a volume of data following a payment, other parties that had access to it may have made copies so that they can extort the victim in the future.
  • The data may get posted anyway by mistake or on purpose before a victim can even respond to an extortion attempt.

Food For Thought Friday: Employee Retention and Attracting New Talent

Our hope with this Friday post is to tantalize a different aspect of our business brains! We’re pulling together a few interesting pointers on employee retention and attracting new talent.

Small businesses continue struggling to retain and attract team members. Did COVID really unleash a population of “I don’t really want to work!”? Quite possibly, but here are some thoughts on how to incentivize your greatest asset, your workforce.

One size NEVER fits all; tailor benefits offerings in a way that attracts and retains the best employees. Start this process by surveying existing and potential employees. Ask your team what types of benefits would interest them the most. Use this data to make better benefits decisions. Business owners put substantial energy and time into these plans, so why not go Boutique Style and customize a plan that excites your employees!

While each workforce will have unique needs and interests, there are some commonalities seen among small business employees. Here are six of the most popular benefits that small businesses are using to attract and retain employees.

First up is the dreaded but “Oh So Necessary” Health Care Coverage. Good health coverage is important but also expensive! This will likely be an important benefit to your employees with families or those further along in their years of experience. Some employees need a plan to cover same-sex spouses. Consider doubling down on health coverage rather than picking up expenses for ancillary benefits that may not be of interest to the majority of your team. Going to work every day knowing that your employer cares about your health and the health of those important to you could be a game changer in the candidate pool.

Leave benefits vary by workplace, but typically include paid time off (PTO), vacation days and sick time. These types of leave usually come with specific use requirements. For employers looking to attract and retain employees, expanding these benefits could be a great leverage tool. This may include allowing faster PTO accrual, providing more sick days or allowing for flexible scheduling. Implement a remote work policy for those employees that can handle it. Let them know that they have earned your trust and are valued enough to allow them to work efficiently and effectively at home.

The third incentive on our list is the always exciting, Performance Bonus. Employees want to be recognized for their hard work. Failing to do so can lower morale and affect retention. Introducing performance bonuses as an employee benefit can be a way to combat this. Performance bonuses will vary, but the general idea is to compensate employees in some way for a job well done. How this looks in practice will depend on the employer. For instance, employees might receive incentives such as gift cards, cash, additional PTO or other perks, depending on their achievement. However, before implementing such bonuses, employers should ensure compliance with any applicable workplace laws regarding employee compensation.

Financial security is very important to employees, and that sentiment grows as employees near retirement age. It’s also top of mind for those struggling financially thanks to the COVID-19 pandemic. Employees invest their time and energy into their work. As a tradeoff, many employees want their employers to invest in their retirements in return for years of service. Offering a 401(k) with contribution matching can be a powerful attraction and retention tool, as it demonstrates an employer’s investment in their workers in the long term. 

Surveys suggest employees have been putting off job changes during the COVID-19 pandemic, meaning a wave of turnover may be coming soon. Employers may want to think proactively about ways to keep employees around. In other words, when it comes to top performers, employers should be reluctant to let these employees go. That’s where professional development comes in. YES! Some employees are driven by more than just compensation! Generally, this involves cross-training employees on other positions or otherwise preparing them to take on additional responsibilities. This helps provide the employee with more growth opportunities while still keeping them within the business. Offering such development opportunities also signals to prospective employees that a workplace has upward mobility and is willing to help workers along with their career goals, two factors that can weigh heavily in recruiting conversations. This one will actually work well for your business; cross-training provides security in your foundation and non-reliance on any one individual for any one function.

Last up! Wellness is a hot topic these days, and employees are looking more and more for employers who take wellness seriously. This can be especially true in the wake of the COVID-19 pandemic, where health consequences are interwoven with everyday decisions. In fact, through the lens of the pandemic, ignoring wellness initiatives may be interpreted as ignoring overall health—something employers obviously want to avoid.  

Different workplaces will offer different wellness benefits, but the purpose of any of them is generally to increase employees’ overall well-being. For instance, benefits may include mental health counseling, healthy breakroom snacks, gym memberships, fitness trackers, yoga sessions or other perks. When it comes down to it, employees want to feel like their employers care about them as individuals. This means prioritizing well-being.

Remember, you do not need to implement all of these suggestions. Survey your team, understand what is important to them, contact your benefits provider or PEO and start customizing your benefits package.

Thinking about a PEO and how your small business can benefit? Libertate Insurance can help.

White House Issues Ransomware Prevention Guidance to Businesses

In a recent letter addressed to corporate executives and business leaders, the White House emphasized that bolstering the nation’s resilience against cyberattacks is a main priority for President Joe Biden’s administration. Specifically, as ransomware attacks continue to rise in both cost and frequency throughout the country, the federal government is urging businesses to take this evolving cyber threat seriously.

These attacks—in which a cybercriminal deploys malicious software to compromise a business’s network or sensitive data and demands a large payment before restoring this technology or information—have quickly become a growing concern across industry lines. In fact, the latest research indicates that ransomware attacks have increased by nearly 150% in the past year alone, with the median ransom payment demand totaling $178,000 and the average overall loss from such an attack exceeding $1 million.

While the White House has begun working with both domestic and international partners on various strategies to prevent ransomware attacks, the Biden administration is also encouraging businesses to play their part in minimizing this rising cyber concern. Rather than viewing ransomware attacks as a minor cyber risk, the federal government is instructing businesses to view these attacks as a significant exposure—one with the potential to wreak havoc on their key operations.

As such, the Biden administration is recommending that businesses convene with their senior leadership teams to review their ransomware exposures and implement these top cybersecurity measures:

  • Utilize the federal government’s best practices. Businesses should be sure to incorporate the best practices outlined in the Biden administration’s Executive Order on Improving the Nation’s Cybersecurity. This includes the following practices:
    o Implementing multi-factor authentication (MFA) on all workplace technology
    o Leveraging endpoint detection and response tools to identify and deter suspicious network activity
    o Encrypting sensitive data to make it less accessible to cybercriminals
    o Developing a trusted and skilled workplace cybersecurity team
  • Ensure an effective incident response plan. All businesses should have cyber incident response plans in place. These plans outline proper response protocols and offer steps for minimizing potential damages during cyberattacks. Businesses should make sure to include several ransomware attack scenarios within their response plans and routinely test these scenarios with their cybersecurity teams. Based on test results, businesses should revise their response plans accordingly.
  • Conduct frequent data backups. In addition to the federal government’s best practices, businesses should also prioritize securely backing up all sensitive data, images and other important files on a regular basis. Conducting such backups can help businesses remain operational and continue to access crucial data in the event that any workplace technology is compromised in a ransomware attack. Data backups should remain offline (not connected to key business networks) and be routinely tested.
  • Keep critical networks separated. In order to keep ransomware attacks from fully disrupting their operations, businesses should attempt to segment their various workplace networks (e.g., sales, production and corporate) from one another rather than having a unified network. Access to each network should be restricted to those who use it to conduct their job tasks. Networks should only allow internet access as needed. That way, businesses can avoid becoming completely compromised by single-network ransomware attacks and continue performing critical functions.
  • Maintain updated security software. To help safeguard workplace technology from ransomware threats, businesses should equip their systems and devices with adequate security software—such as antivirus programs, firmware protections and firewalls. Further, this software must be regularly updated to remain effective. To that end, businesses should also consider utilizing centralized patch management systems to keep security software on a consistent update schedule.
  • Review workplace cybersecurity protocols. Apart from testing their response plans, businesses should also regularly assess whether their existing workplace cybersecurity policies, procedures and software are sufficient to protect against current risks—such as ransomware threats. In particular, businesses should consider using a third-party penetration tester to review their ransomware defense tactics and overall cybersecurity capabilities. Businesses should work with their trusted cybersecurity teams and IT experts to make workplace adjustments as needed (e.g., updating policies or purchasing new security software).

For additional risk management guidance and insurance solutions, email me, James Buscarini, PCA, at jbuscarini@libertateins.com or call me at 813.367.7574.