Cyberattacks and data breaches have been occurring for many years, but the nature of these threats has evolved rapidly since the start of the covid pandemic. In 2020, as a huge number of companies around the world shifted their employees to remote work, cyber incidents, and in particular ransomware attacks, skyrocketed.
Needless to say, the consequences of these attacks have been severe, with ransom demands climbing ever higher. As just one example, Garmin paid $10 million after suffering a cyberattack in mid-2020. The looming threat of ransomware has, in turn, led to an uptick in companies’ seeking cyber insurance to compensate them in case of attack. A recent report by Hiscox shows that insured cyber losses of $1.8 billion in 2019 increased up by almost 50%.
What is Cybersecurity Insurance, and Why Do You Need It?
The fear of cyberattacks has compelled C-suites across the globe to invest in cybersecurity insurance. Although different insurers have different policies and levels of coverage, what’s generally included are:
- Operational disruption
- Data breach
- Incident response and investigation
- Crisis management
- Ransomware payments or other extortion demands
- Legal expenses and defense
Whether you’re a large enterprise or a small business owner, you might not have the resources to deal with the losses if a data breach occurs. Cyber insurance can help you combat the loss and save your business from devastation.
What’s the Connection Between Cyber Insurance and MFA?
There was a time not so long ago when businesses were able to obtain cybersecurity insurance without following any specific cybersecurity practices as a prerequisite. Given the sharp rise in the severity of cyberattacks over the last few years – and the corresponding growth of cyber insurance claims being filed – this is generally no longer the case. Colonial Pipeline, for instance, filed a claim with its cyber insurance carrier for the $4.4 million ransom it paid to its attackers. With huge claims such as this rolling in, it’s no surprise that cyber insurance providers are demanding at least basic security hygiene from their customers.
Indeed, in today’s heightened threat landscape, insurance providers are closely scrutinizing applicants and their existing security policies and enforcing more stringent guidelines for businesses seeking cybersecurity insurance. After US President Joe Biden signed an Executive Order on improving the nation’s cybersecurity earlier this year, multi-factor authentication (MFA) was mandated for all federal agencies in the United States. This further encouraged cyber insurance companies to also mandate MFA as a base requirement to get coverage for a cyberattack.
What Exactly Is MFA?
MFA is an authentication measure that verifies the user’s identity as he or she logs on to access a particular application or system. By definition, MFA requires two or more proofs of your identity beyond your standard login credentials. The different verification factors come from these groups:
- Something you know: A “knowledge factor” like a password or answer to a security question.
- Something you have: A “possession factor” like a one-time SMS password or security key.
- Something you are: An “inherence factor” like a fingerprint or facial scan.
How Can MFA Protect You?
MFA increases security by minimizing the possibility of unauthorized access. An MFA-protected system is much harder to hack than one protected by passwords alone. This is especially true because humans are inherently terrible at creating and remembering passwords that are difficult to crack.
MFA and Phishing Attacks
In a phishing attack, the attacker is aiming to steal the user’s login credentials in order to steal data or spread malware. But if MFA is enabled, those credentials alone are not enough to do any damage. The attacker would still need access to the additional verification factors, such as a one-time password, and these are considerably more difficult to acquire.
MFA offers very strong protection against credential stuffing attacks. In this type of attack, hackers simultaneously use a list of stolen login credentials on multiple sites, hoping that at least a few of them will provide access. But with MFA in place, the attackers won’t have access to the additional pieces of information needed for authentication – keeping the targeted resources safe and out of reach.
Protection Against MITM Attacks
MFA can also combat more complex attacks like man-in-the-middle (MITM). Even if an attacker manages to steal a user’s credentials and hijack the session, their success – and ability to wreak havoc – will only be temporary. The attacker will not be able to use the stolen credentials to initiate a session of their own, severely limiting the scope of the attack.
Increase IT Alertness and Response
Beyond preventing attackers from achieving unfettered access to corporate systems as in the previous examples, an unauthorized login attempt on an MFA-enabled system or application will also alert the IT admins and empower them to take immediate action. In this way, MFA can improve readiness and increase the speed of incident response.
The Future of MFA and Cyber Insurance
MFA alone is not a panacea, but it can very significantly lower an organization’s cyber risk level. Considering its substantial impact, combined with the relative ease of enabling MFA, this added layer of authentication is becoming a baseline security feature rather than an add-on. Organizations that have not yet implemented MFA for its security benefits will be increasingly forced to do so if they wish to purchase cyber insurance.
Implementing MFA with Cyolo
Strong authentication is one of the foundational principles of the zero-trust security framework, and MFA plays a critical role in in any zero trust architecture.
The Cyolo ZTNA 2.0 solution provides MFA as well as single sign-on (SSO) to all applications to give users a simple, frictionless experience while simultaneously boosting the organization’s overall security posture. And unlike other zero trust offerings, Cyolo makes it possible to add MFA capabilities to systems and applications that are not MFA-ready, including legacy systems and even OT networks. As we discussed in another recent blog, users of such systems enter through Cyolo’s web interface, where they are authorized with MFA for each entrance or action. Only after authentication can they access the system, which is now protected by a previously unavailable MFA solution.
Schedule a demo to learn more and see the Cyolo solution in access.