By Alvito Vaz
The average U.S. business experiences 42 cyberattacks each year, according to the “2022 U.S. Cybersecurity Census Report” from Keeper. When it comes to cybercrime, it’s not a matter of if, but when, your agency will be targeted.
Insurance carriers and agencies have valuable client lists. Sensitive personal information can be stolen through phishing attacks, malware, and ransomware, and sold on the dark web. Consider the examples of CNA, Chubb, Aon, Aflac and Zurich—all victims of data breaches.
As a result, regulators expect agencies to implement reasonable data security measures. The cyber insurance market also exerts pressure on players to modernize their protections if they want coverage.
For example, any agent who has sold a cyber liability policy lately knows that insurers have tightened their requirements and clients must employ a laundry list of security controls to qualify for insurance.
Multifactor authentication (MFA) is top of the list. Most cybercriminals hack into a system by stealing someone’s login information. MFA creates an additional layer of security that can’t be easily compromised. When logging in, the user must provide additional authentication, usually a PIN, one-time password or biometric signature.
Instituting MFA is part of building a strong cybersecurity culture. Cyberattacks succeed mostly because employees aren’t trained to recognize phishing emails or to change their passwords. Employees may also compromise security by failing to update software and by using public WiFi.
MFA is frequently built into software, but too many businesses …