Fintech Security

Multi-Factor Authentication: The New Norm For Cyber Insurance Coverage – Security


To print this article, all you need is to be registered or login on Mondaq.com.

Ransomware – a demand for a monetary payment to regain access to
one’s data or network – continues to rock the charts as cyber
criminals’ go-to, get-rich-quick scheme. As we know, the
pandemic spurred the work-from-home or hybrid movement that likely
will continue for years to come. With more and more employees
working from home, more data is being shared remotely, leaving the
door open for missed or inadequate computer and technology
security. Phishing and fraud schemes and social engineering methods
used to demand ransom are particularly attractive as they target
and take advantage of the number one security risk – a
company’s people
.

In light of the increased ransomware risk, there has been
explosive growth for cyber insurance coverage resulting in
insurance companies being obligated for massive payouts. In turn,
prerequisites to obtain cyber coverage have also evolved, including
but not limited to an internal security measure called multi-factor
authentication (“MFA”). General single password-entry
systems are no longer sufficient measures of protection. Password
theft is common, as many individuals use the same password on every
system they access and one of those systems has been compromised at
one time or another.

Multi-factor authentication isn’t a new concept, but the
topic has been hot and a sticking point as insurers evaluate the
solutions and policies required for cyber insurance coverage in
light of the exponential uptick in ransomware attacks.

What is MFA? Multi-factor authentication is an
additional level of security to common passwords. When logging into
a system, program, or device with a password, MFA requires the user
to receive and enter a second form of authentication that can be
sent via text, call, email, or some other code to gain access. My
colleague Scot Ganow wrote about this years ago in his PDS blog
post (he would call it a plea), “Multi-Factor Authentication (MFA).
Please. Do it. Now.
” Some may consider MFAs a bit of an
annoyance, as it is an extra step in the login process. While that
may be true, MFAs are relatively simple to use and implement,
comparatively low cost, and quite effective in preventing threat
actors from attempting to gain access to a system.

The cost-benefit analysis is a no-brainer as the average
ransomware payout is in the millions, and MFAs reportedly block 99%
of attempted attacks. Implementing an MFA is a simple and effective
step to proactively prevent breaches when a threat actor strikes.
And, in the end, let’s face it. Security is not
supposed to be convenient
. Trust us, the relatively
few additional seconds it takes to log into an account is nothing
compared to the days and weeks (and dollars) spent trying to
recover from a security incident. And if that is not enough, how
about you do it just to get or simply keep your cyber insurance?
Indeed, carriers are requiring it to get insurance and may deny
coverage if you don’t have it in place. Again, heed the plea:
Multi-Factor Authentication
(MFA). Please. Do it. Now
.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Technology from United States

Property Rights In NFTs Are In The Spotlight

Wiley Rein

Interest in non-fungible tokens (NFTs) — unique digital assets created and sold on blockchains — have exploded in the past year. Buyers have paid many millions for these digital goods…

Important Security Updates Issued By Apple

Taft Stettinius & Hollister

If you haven’t already seen the notifications in the Taft Privacy and Data Security Mobile App, we wanted to make you aware or remind you about some important security updates issued by Apple…

Source link

Leave a Reply

Your email address will not be published.