Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and 100% in 2023.
With the cost of premiums rising, the survey says it is becoming more difficult for companies to qualify for and obtain cyber insurance, CISOs and IT leaders are looking for ways to make their organizations more secure in the eyes of insurers.
Reinforcing Active Directory security is one way to protect an organization's critical infrastructure and manage or even potentially reduce the costs of cyber insurance.
Numerous factors contribute to the rising cost of cyber insurance premiums.
More claims: As attacks grow, so too do cyber insurance claims.
Active Directory is a key part of many organization's IT networks, managing credentials, security policies, and controlling user access.
If a bad actor can breach your end users' Active Directory passwords, they can cause massive, mission-critical consequences - from disrupting your day-to-day operations to stealing confidential data and causing huge amounts financial damage.
What cyber insurers' look for in Active Directory security.
They know Active Directory is central to most business networks, so they pay extra close attention to how it's secured.
Insurers understand that a well-secured Active Directory can drastically reduce the likelihood of a successful cyber-attack and often require evidence of your organization's robust Active Directory security measures before they offer coverage.
Security audits and regular monitoring: Insurers favor organizations that conduct thorough security audits of their Active Directory environment, assessing all aspects, including configurations, user permissions, and group policies.
Block weak and compromised passwords: The most important step to increase the overall password security in your Active Directory environment is to block weak and compromised passwords.
Access control and authentication protocols: Cyber insurers also look for strong Active Directory access control measures, including strict user authentication protocols like multi-factor authentication, which add an extra layer of security beyond passwords.
Patch management and software updates: Insurers want to confirm that your organization is keeping Active Directory and all its related systems up-to-date and want proof your company has a robust patch management policy that ensures all your software is current and protected against known vulnerabilities.
They look beyond your Active Directory software, examining the servers' operating systems and other infrastructure components on which you run Active Directory to ensure they're also updated.
To effectively address evolving cyber threats and reduce your organization's cyber insurance-related financial risks, prioritize your Active Directory security.
Strengthening your cyber defenses - by implementing comprehensive security measures like regular audits, robust access control, and proactive patch management - will not only boost your cybersecurity but will also ensure your Active Directory is well-secured, helping you obtain critical cyber insurance coverage.
Specops Password Policy enforces a stronger Active Directory password policy, helps organizations block weak passwords that can be vulnerable to cyber-attacks and simplifies the management of fine-grained password policies.
The Breached Password Protection feature continuously and automatically scans your Active Directory for over 4 billion known compromised passwords, proving to insurers that you're serious about enforcing effective password security.
Learn how Specops Password Policy not only automates password security but also helps users create stronger passwords in Active Directory with dynamic, informative client feedback.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 19 Mar 2024 14:35:29 +0000