Simple & Cost Effective Ways to Reduce Your Cyber Risk








Brought to you by Fenner & Esler


Taking these precautions will not only lower your cyber risk, but also lower insurance costs and improve the coverage and capacity offered to you.

1. Dual Authorization

  • Always have multiple people signing off on checks, ACH transactions, and wires.
  • Call the vendor directly with a number you have on file or a number you can find publicly.
  • DON’T :
    • Call the number on an invoice – you could be calling the hackers directly.
    • Email to confirm payment details – you could be emailing the hackers directly.

2. Domain Keys Identified Mail and Domain-based Message Authentication, Reporting, and Conformance (DKIM & DMARC/SPF)

  • These are standards that authenticate your email server and help provide even more protection against being compromised.

3. Adding in MDR Services/Endpoint Protection (Also Called EDM)

  • Managed detection and response (MDR) services are a great way to maintain a dedicated cyber risk management program through a third-party service without an extensive budget.
  • Many MDR services provide 24/7 real-time cyber incident response (IR) and security consulting services.

4. Cloud-Based Backups That Can Be Quickly Restored

Keeping data stored on a remote server allows users to instantly access that data in the event of an outage, failure, or cyber attack.

5. Add a Secure Email Gateway (SEG)

What is an SEG?

  • SEG is a type of software that monitors emails, both sent and received.
  • They defend against spam, malicious attacks, and fraudulent content while ensuring that legitimate emails still make their way to the intended recipient.
  • Popular vendors include Proofpoint, Mimecast, and Barracuda. The cost is usually less than $5 per month.

7. Use a Password Manager

Password managers assist in generating and retrieving complex, strong, unique passwords.

8. Employee Training

  • Employees are the weakest link, accounting for 90% of claims. Make sure to provide training and build a culture of awareness around cyber security.
  • Recommended employee training: KnowBe4

Don’t let a cyber attack compromise the technology, time, and talent you’ve invested to bring your firm’s work to life.


The Fenner & Esler Agency, preferred professional A/E insurance provider and partner of AIA Pennsylvania, reports that cyber claims with ransomware demands in quarter four of 2020 were up 177% over quarter four of 2019. If you don’t have a cyber liability insurance policy, contact Fenner & Esler for information on their affordable policies for architects and engineers.


Fenner-Esler has created a checklist to help small and mid-sized firms reduce the risk of Cyber Security threats. The principals at Fenner-Esler Insurance Agency urge A&E firms to utilize this list to keep the industry safer from cyber security threats. The cyber security checklist can be found at