5 steps to lower your cyber insurance

Today, the double-edged sword called cyber insurance is both a must-have and a safeguard that’s increasingly difficult to acquire and afford.

In 2022, cyber insurance coverage is more elusive for companies than it was in 2021—and chances are strong that that trend will continue. Why is it so scarce and costly? The explosion of ransomware and cyber attacks means that for carriers, cyber insurance has simply become a less enticing area of business.

 

As specialized carriers such as SeedPod Cyber know all too well, ransomware attackers spare virtually no one. The company’s recent white paper points out that although firms with more than $1B in revenues are twelve times more likely to experience a data breach compared to firms with less than $10M in revenue, the most frequently targetted size of firm in Q4 of 2021 had just 133 employees.

 

In such a high-risk climate, cyber carrier requirements are becoming so strict and detailed for policy qualifications that a great many organizations simply can’t meet them. This makes it all the more critical for both MSPs and their customers to adopt recognized security standards and then adapt them to changes in the cyber threat landscape.

 

Although a great many MSPs are less adept at securing cloud IT compared to traditional on-premises applications and systems, the scope of protection that clients and cyber insurers see simply can’t end at the office door; it has to extend across all applications, internal or external, on-prem or cloud. Only that degree of comprehensiveness will give carriers the necessary confidence to underwrite cyber risk at affordable premiums.

 

So how can proactive MSPs take charge of their clients’ cyber security in ways that optimize protection and greatly improve their standing in the eyes of stringent cyber insurers? Here’s a five-step plan.

 

Step 1. Conduct a comprehensive SaaS discovery app audit 

You can’t secure what you can’t see. SaaS proliferation has given rise to risky Shadow IT, the unauthorized apps that employees and departments often add on their own, opening additional doors for cybercriminals. Fortunately, an auditing tool such as Augmentt Discover gives you full visibility into the SaaS apps in a client’s ecosystem, providing the insight required to address Shadow IT and improve the overall security posture that cyber insurance carriers evaluate.

 

Step 2. Leverage global security threat reports to identify and highlight active risk.

These days, a mainstay platform like Microsoft 365 has millions of fraudulent sign-in attempts happening each day—but how do MSPs gain visibility into these and other threats on a continuous basis? Threat reports like those enabled in Augmentt Secure can give them and their clients a clear and immediate picture of active risks, offering critical insights upon which to improve security policies and posture.

 

Step 3. Customize MFA alerts to focus on what matters most.

Alert fatigue is a significant problem in IT security largely because most alerts are after-the-fact reactions to issues that arise using the widest possible alerting scope. Thankfully Augmentt Secure is equipped with specialized alerts related to the all-important multi-factor authentication (MFA) security measure. Given how there a millions of alerts received daily by MSPs, Augmentt Secure helps them tune out the noise and focus on the MFA threats that matter most.

 

Step 4. Configure MFA policies to efficiently secure Microsoft 365

Multi-factor authentication is the single most important security setting for SaaS software. That’s why Augmentt Secure now combines alerting with time-saving MFA configuration capability, enabling MSPs to audit, monitor, and secure MFA directly from the Augmentt platform. Traditionally, M365 would require a security admin to click into each security policy and perform a lot of added configuration steps manually. Augmentt Secure eliminates these additional steps with a single, comprehensive view of which MFA policies are enabled.

 

Step 5. Document ongoing security improvements to share with clients and insurance carriers.

While MSPs often struggle to show the concrete value of their security services to clients, the customer-facing reports feature in Augmentt Secure lets MSPs track and illustrate exactly how they are protecting the client’s users and data. The reports also show security score improvements over time, something that both clients and their insurance carriers are highly interested to know about in detail.

 

Want to learn more?

Contact us to start a conversation on how Augmentt Secure can enable higher levels of protection leading to a lower level of cyber insurance costs.

Derik Belair

As President and CEO, Derik leads the vision, strategy and growth of Augmentt. Prior to founding Augmentt, Derik was the Vice President at SolarWinds, leading the digital marketing strategy for SolarWinds’ Cloud division. Derik has been working in the channel for over 20 years, starting his career as a channel sales rep at Corel Corp. and eventually becoming the first employee at N-able Technologies in April of 2000.
Read More
SUBSCRIBE for more resources
Related Content

Agent and Agentless

    When it comes to Augmentt Discover, we believe in flexibility and power. Augmentt Discover can collect SaaS usage data using both an Agent and Agentless model. Here is a quick [...]
    Read

    Product Evaluation Guide

      Thank you for starting your Augmentt Product Evaluation and Trial   Here are a few resources that will help you through this technical process. Support Technical Support is available to [...]
      Read
      Augmentt is a centralized SaaS security platform built for MSPs to deliver scalable managed security services for Microsoft and cloud apps. Our multi-tenant platform gives you visibility across all your end-users to easily audit, protect and detect security threats for a holistic approach to cyber security.
      Solutions
      Company
      Contact

      Want to get the latest resources in Saas Security?

      Join our mailing list and we’ll only send you value-add content.