Today, the double-edged sword called cyber insurance is both a must-have and a safeguard that’s increasingly difficult to acquire and afford. 

In 2022, cyber insurance coverage is more elusive for companies than it was in 2021 and chances are strong that that trend will continue. Why is it so scarce and costly? The explosion of ransomware and cyber-attacks means that cyber insurance has simply become a less enticing area of business. 

This makes it even more critical for both IT Security MSPs (Managed Service Providers) and their customers to adopt recognised security standards and then adapt them to changes in the cyber threat landscape. 

Although a great many MSPs are less adept at securing cloud IT compared to traditional on-premises applications and systems, the scope of protection that clients and cyber insurers see simply can’t end at the office door; it must extend across all applications, internal or external, on-prem or cloud. Only that degree of comprehensiveness will give Insurers the necessary confidence to underwrite cyber risk at affordable premiums. 

So how can proactive IT Security MSPs take charge of their customers’ cyber security in ways that optimise protection and greatly improve their standing in the eyes of stringent cyber insurers? Here’s a five-step plan. 

Step 1. Conduct a comprehensive SaaS discovery app audit  

You can’t secure what you can’t see. SaaS proliferation has given rise to risky Shadow IT, the unauthorized apps that employees and departments often add on their own, opening additional doors for cybercriminals. Fortunately, there are auditing tools gives you full visibility into the SaaS apps in a customer’s ecosystem, supplying the insight required to address Shadow IT and improve the overall security posture that cyber insurers evaluate. 

Step 2. Leverage global security threat reports to identify and highlight active risk. 

These days, a mainstay platform like Microsoft 365 has millions of fraudulent sign-in attempts happening each day—but how do we gain visibility into these and other threats on a continuous basis? Ensure that your MSP supplies threat reports that can give you an immediate picture of active risks, offering critical insights upon which to improve security policies and posture. 

Step 3. Customize MFA alerts to focus on what matters most. 

Alert fatigue is a significant problem in IT security largely because most alerts are after-the-fact reactions to issues that arise using the widest possible alerting scope. Thankfully Infoprotect have the necessary solutions that are equipped with specialised alerts related to the all-important multi-factor authentication (MFA) security measure.  

Step 4. Configure MFA policies to efficiently secure Microsoft 365 

Multi-factor authentication is the single most important security setting for SaaS software. Traditionally, O365 would require a security admin to click into each security policy and perform a lot of added configuration steps manually. We can eliminate these additional steps with a single, comprehensive view of which MFA policies are enabled. 

Step 5. Document ongoing security improvements to share with customers and insurers. 

While IT Security MSPs often struggle to show the concrete value of their security services to customers, the customer-facing reports feature available from Infoprotect tracks and illustrates exactly how they are protecting the customer’s users and data. The reports also show security score improvements over time, something that both clients and their insurers are highly interested to know about in detail. 

Why Are Cyber Insurance Claims Denied?

Read more

Why a Fractional CISO Could Save Your Business

Read more

Why Every Business Needs a Holistic IT Managed Service 

Read more

Safeguarding Your Business from Email Compromise in Six Easy Steps:

Read more

How to create a cyber placement strategy for 2024

Read more

Selling Cyber – Creating A Kick-ass Sales Process

Read more

Transforming Cyber Insurance: The Infoprotect Revolution

Read more

Why Move to the Cloud ?

Read more

Cybersecurity Insurance

Read more

Managing Human Risk in Phishing

Read more

10 STEPS to CYBER RESILIENCE

Read more

SMALL BUSINESS GUIDE to CYBER SECURITY 

Read more

Take the fight to email impersonators

Read more

Phishing – Lets Educate & Upskill the users

Read more

Answer yourself truthfully… Can your business afford LAN/WAN downtime?

Read more

Into lockdown & post Brexit: Business as usual for Infoprotect UK.

Read more

The Hidden costs of cybercrime over and above the economic impact.

Read more