Brought to you by Fenner & Esler
Taking these precautions will not only lower your cyber risk, but also lower insurance costs and improve the coverage and capacity offered to you.
1. Dual Authorization
- Always have multiple people signing off on checks, ACH transactions, and wires.
- Call the vendor directly with a number you have on file or a number you can find publicly.
- DON’T :
- Call the number on an invoice – you could be calling the hackers directly.
- Email to confirm payment details – you could be emailing the hackers directly.
2. Domain Keys Identified Mail and Domain-based Message Authentication, Reporting, and Conformance (DKIM & DMARC/SPF)
- These are standards that authenticate your email server and help provide even more protection against being compromised.
3. Adding in MDR Services/Endpoint Protection (Also Called EDM)
- Managed detection and response (MDR) services are a great way to maintain a dedicated cyber risk management program through a third-party service without an extensive budget.
- Many MDR services provide 24/7 real-time cyber incident response (IR) and security consulting services.
4. Cloud-Based Backups That Can Be Quickly Restored
Keeping data stored on a remote server allows users to instantly access that data in the event of an outage, failure, or cyber attack.
5. Add a Secure Email Gateway (SEG)
What is an SEG?
- SEG is a type of software that monitors emails, both sent and received.
- They defend against spam, malicious attacks, and fraudulent content while ensuring that legitimate emails still make their way to the intended recipient.
- Popular vendors include Proofpoint, Mimecast, and Barracuda. The cost is usually less than $5 per month.
7. Use a Password Manager
Password managers assist in generating and retrieving complex, strong, unique passwords.
8. Employee Training
- Employees are the weakest link, accounting for 90% of claims. Make sure to provide training and build a culture of awareness around cyber security.
- Recommended employee training: KnowBe4
Don’t let a cyber attack compromise the technology, time, and talent you’ve invested to bring your firm’s work to life.
The Fenner & Esler Agency, preferred professional A/E insurance provider and partner of AIA Pennsylvania, reports that cyber claims with ransomware demands in quarter four of 2020 were up 177% over quarter four of 2019. If you don’t have a cyber liability insurance policy, contact Fenner & Esler for information on their affordable policies for architects and engineers.
Fenner-Esler has created a checklist to help small and mid-sized firms reduce the risk of Cyber Security threats. The principals at Fenner-Esler Insurance Agency urge A&E firms to utilize this list to keep the industry safer from cyber security threats. The cyber security checklist can be found at www.fenner-esler.com/cyber.