Kroll’s Cyber Risk team has compiled a list of “10 Essential Cyber Security Controls for Increased Resilience (and Better Cyber Insurance Coverage).” These top controls were gleaned from our own experience and research—a blend of the more than 350 offensive security engagements that we performed annually, the 2,700+ incidents that we handled and the more than 40 cyber insurance questionnaires we analyzed.
As regulatory authorities are becoming more sophisticated in understanding the cyber threat landscape, these controls are being seen as industry standards. By revisiting these controls, organizations can help meet reasonable and appropriate safeguard thresholds and increase their opportunity for cyber insurance coverage.
The list comprises the following 10 controls:
- Multifactor authentication (MFA)
- Virtual private network (VPN)
- Remote desktop protocol (RDP)
- Endpoint detection and response (EDR)
- Incident response planning
- Infrastructure and segmentation
- Backups
- Access control
- Security culture training
- Email hygiene
To know how to protect your organization’s data and networks and strengthen your position with cyber security carriers, review the “10 Essential Cyber Security Controls for Increased Resilience (and Better Cyber Insurance Coverage).”