What Safeguards Cyber Liability Underwriters Want to See from Tribal Nations
Tribal Nation Lead
Ransomware attacks continue to dominate headlines nearly every day. Cybersecurity has become a top consideration for business owners across the country, but tribal nations should be aware of their specific vulnerabilities, and the safeguards that they should have in place to protect their business entities’ and community’s data.
Tribal nations are particularly enticing to cyber criminals because of their financial success and the breadth of their operations. Attackers see access to tribal nations’ information as extremely valuable.
For this reason, tribal governments and business enterprises look to spend money on IT infrastructure to protect their data. As you navigate the many solutions available to you, it’s important to consider the insurance implications of your choices: how can you build out an infrastructure, as well as policies and procedures, that will look appealing to a cyber liability insurance underwriter?
Whether you have one central IT department or several entities within the tribe with separate IT silos, below are some key targets all of your IT teams should collectively focus on to make sure security levels are uniform across your organization.
Cyber underwriters are looking for…
Implementing a multifactor authentication (MFA) process is low-hanging fruit for tribal nations. These processes require users to authenticate their identity by providing two forms of identity – a username and password, and another form of your choice. MFA is often used to provide users access to an internal server when they are working remotely or checking email.
The second form of identity can be many things, from a biometric form (fingerprints, etc.) to systematic questions or code access through an MFA app. Cyber underwriters look for tribes to have MFA implemented for both email and remote desktop connections to lower their risk.
Many cyberattacks begin in the inbox. Luckily, tribal nations have a few tools at their disposal to make them a better risk for cyber insurers.
- Email quarantining and screening: Tribe-wide email platforms can be set to display a message that reminds users to be aware of potential spam or breach tactics. The message can read something like “External Email: Click links or open attachments with caution.” In addition, instead of providing employees with access to an open spam folder, you can set up an email quarantine that keeps your servers safe while employees self-filter the messages that are meaningful to them.
- Antivirus or malware software: Your IT team can determine which software is best for your needs, but having a digital protection plan in place will look better to cyber underwriters.
- Regular employee training on cyber safety: It only takes one wrong click to open your servers up to threat actors. While you can put many programs and processes in place to prevent dangerous emails from getting in front of your employees, it’s best to prepare them for the messages that may slip through the cracks. Regular training to self-detect phishing emails and other common cybercrime practices will go a long way in protecting your community – and making you more insurable.
Endpoint detection and protection response tools
Your IT department is aware of current threats and how to detect them. By using endpoint detection and protection response tools, you are putting the health and safety of your information in the hands of the experts.
Endpoint Detection and Response (EDR) is a software solution that provides continuous monitoring of data from desktops, laptops, and other devices (endpoints). With endpoints numbering in the tens of thousands for some tribes, automating some of this detection is key to protecting your information.
Robust patching policy
Underwriters are also going to want to see that your IT team has a thorough plan in place to keep security software updated on devices throughout your business entities. Documenting this process is a good start to making yourself a more attractive risk for insurers.
Documented operational continuity plan
Another thing to document? Your operational continuity plan. If a cybersecurity breach were to occur, what are the steps that you would take to ensure continuity of work? The business entities of a tribal nation are intertwined with so many aspects of the community, so this is an important consideration.
If you were to suffer a cyber breach, many people and organizations would be affected. Your plan should identify the people who have approval (council members, attorneys, heads of IT, etc.) to sign documents quickly. When engaging forensics teams and law firms, removing the roadblock of waiting on a signature or approval is key to expediting the timeline of engaging with vendors. Underwriters will want to take a look at your continuity plan should this type of breach occur.
Encryption of sensitive data and regular backups
Finally, underwriters want to know that you’re taking every step possible to protect your data from the inside. Using encryption methods and implementing regular (daily if possible) backups, with backups stored in a separate location, is best practice for tribes.
Cyberattacks continue to become more sophisticated and frequent, which has made many cyber liability insurance underwriters more skeptical of this risk. Tribal nations are a prime target for cyber criminals, and so need to be aware of the strategies they must put in place to maintain cyber insurability at a reasonable cost. The tactics described above are a good place to start for tribes year-round, but also in preparation for renewal season. Reach out to your M3 account executive to discuss your cybersecurity risk management practices and your cyber renewal strategy.