Top 10 Cybersecurity Controls Commercial Insurance Underwriters Want to See

By: Kelly Geary | June 9, 2022

Kelly Geary is a Managing Principal with EPIC Insurance Brokers and Consultants based in the New York City area. She serves as the National Practice Leader – Executive and Cyber Risk as well as Coverage Counsel & Claims Leader for Lemme, a division EPIC.

Topics: Cyber | Risk Insider

The cyber insurance market continues to be marked by volatility, keeping insureds and underwriters alike on their toes.

In early 2021, the market shifted very abruptly, and increasing frequency, severity, and the sophistication of cybercrime pushed cyber underwriters to re-evaluate their approach to pricing, appetite, coverage, and underwriting.

Insureds renewing cyber insurance programs in the last 18 months know that underwriters have substantially upped their game when it comes to underwriting cyber risk.

At the beginning of this shift to a hard market, there was a definitive change to more detailed and technical underwriting. There was also inconsistency regarding the network security controls that were considered the most important, but today, the markets are in closer alignment.

Below are the top 10 network security controls that most cyber underwriters expect to see. They will differ based on carrier, individual underwriter, organization size, industry, etc. and are subject to change.

1) Comprehensive Multi-factor Authentication (MFA) plus Strong Password Controls

MFA (privileged access, remote access, remote cloud-based apps/O365) and strong password controls protect an organization against phishing, social engineering and password brute-force attacks and help prevent logins from attackers exploiting weak or stolen credentials. For many cyber underwriters, this is the most important control.

2) Network Segregation and Network Segmentation

Network segregation (separation of critical networks from the internet) and network segmentation (splitting larger networks into smaller segments) help reduce the risk and potential impact of ransomware attacks and will improve IT professionals’ auditing and alerting capabilities, which will assist in identifying cyber threats and responding to them.

3) Strong Data Backup Strategy

A strong data backup strategy is typically part of a solid disaster recovery/business continuity plan.

Underwriters want to see daily data backups, backups stored in more than one location, access rights limited to data backups, etc.

4) Disabled Administrative Privileges on Endpoints

Disabling administrative privileges on endpoints improves security posture. An administrative end-user on an endpoint for even a few minutes can lead to catastrophic data breaches if the endpoint is compromised.

5) Security Awareness Training for Employees

Security awareness has never been more important. The threat environment is evolving rapidly. Regular and frequent employee training is a must in today’s environment.

6) Endpoint Detection and Response (EDR) and Anti-Malware

EDR provides advanced measures for detecting threats and provides the ability to identify the origin of an attack as well as how it is spreading.

Anti-malware is a version of EDR — it scans your system for known malware such as trojans, worms, and ransomware, and upon detecting them, removes them. Underwriters look for both.

7) Sender Policy Framework (SPF)

SPF plays an important role in email authentication. It helps prevent emails from unauthorized senders from hitting an employee’s inbox. Underwriters look for this defensive tool.

8) 24/7 Security Operation Center (SOC)

A dedicated SOC acts as the first line of defense against cyber threats. The analysis and threat hunting conducted by SOC teams help prevent attacks from occurring in the first place.

SOCs provide increased visibility and control over security systems, enabling the organization to stay ahead of potential attackers. Cyber underwriters view this as a key proactive approach to network security.

9) Security Information Event Management (SIEM) Platform

SIEM tools collect and aggregate log and event data to help identify and track breaches.

They are powerful systems that provide security professionals with insight into what is happening in their IT environment and help track relevant events that have happened in the past.

10) Strong Service Accounts Security in Active Directory

Assigning service accounts in built-in privileged groups, such as the local Administrators or Domain Admins group, can be risky. Underwriters want service accounts removed from Domain Admin groups.

The implementation of these top 10 network security controls does not represent the full extent of the cyber underwriting process nor will they be the basis for a premium discount.

There are a host of additional controls, policies, procedures, and processes that underwriters will be evaluating. But checking these boxes will provide insureds with a solid foundation designed to meet the baseline expectations of cyber underwriters. &

How a Carrier Partner Can Help Navigate a Challenging Management and Professional Liability Market

A combination of a choppy economy with increased claims frequency and severity could lead to rate increases in the Management & Professional Liability market.

By: Risk & Insurance | April 3, 2024

Rates in the management & professional liability (M&PL) markets were on the rise from 2020 to early 2023 and are now falling rapidly.

M&PL divisions manage a number of different insurance products including management liability (D&O), professional liability (E&O), employment practices liability (EPL), fiduciary liability policies, cyber, etc. In 2023 and into 2024, a big influence on the marketplace has been the extremely aggressive and softening public company D&O market.

Though these rates have been softening for management liability, that may change over the next few years as companies continue to adjust their business models motivated by economic uncertainty. Layoffs were up nearly 200% last year, Forbes reported, even as other recession indicators, like the inflation rate, improved. A recession could lead to an increased claim activity and force carriers to raise rates.

“Whenever there is a meaningful downturn in the economy, we tend to see claim frequency pop up,” said George Schalick, Jr., senior vice president of the Management and Professional Liability Division at Philadelphia Insurance Companies (PHLY).

With continued fiscal uncertainty, businesses potentially already burdened with pandemic-related claims should seek a carrier with a long history in M&PL products. They will provide much-needed risk management guidance and be better positioned to support their insureds during market fluctuations.

Why Insureds Might See an Uptick in M&PL Claims

George Schalick, Jr., Senior Vice President of the Management and Professional Liability Division, Philadelphia Insurance Companies

The current soft market might come as a bit of a surprise as it does not track with previous underwriting cycles and economic conditions. Afterall, many privately held and non-profit organizations struggled during the early days of the pandemic with shutdowns and rapidly declining revenues. But the Government assistance programs, like the Paycheck Protection Program loans, helped keep many afloat during the tough times.

“During COVID many organizations stopped doing business until they were able to sort out all of the health and safety challenges,” Schalick said. “They were forced to lock down, but then all the government assistance programs allowed them to keep people employed. The increased volume of claims we anticipated we would see coming from the lockdowns and restrictions that were imposed upon businesses in the U.S. didn’t manifest at first.”

“Just because there wasn’t an onslaught of reported claims at the beginning of the pandemic, doesn’t mean the circumstances that would give rise to a claim being reported didn’t occur. Courts and the judicial system were closed or slowed and now that they are back open, we’re starting to see the circumstances that occurred during the COVID lockdowns becoming claims today,” Schalick said. “Litigation is progressing.”

Added to the delayed pandemic litigation is a concern over newer claims that might be filed as the country inches toward an economic downturn. Though a recession was avoided in 2023, experts think a soft dip could occur in 2024, with 76% of economists saying there’s a 50% or less chance of an economic downturn this year — that almost always results in more management liability claims.

“During the Great Recession in 2008, we saw an almost immediate spike in claims because of the economic conditions and the pressure it placed on organizations. They were making personnel changes with significant belt tightening almost immediately.” Schalick said.

What’s in Store for M&PL Policy Rates in 2024?

Despite an uptick in claims and increased economic uncertainty, management liability rates haven’t increased, resulting in market-wide pricing levels that may not meet the increased pressure of rising settlements and jury verdicts.

“Rates are going the other direction and settlement values are not falling,” Schalick said.

The mismatch between rates, claim frequency and severity is, in part, because carriers experiencing the dramatic soft market in the public D&O market are seeking premium gain in the private and non-profit market.

“In the public company market, the rates have been decreasing significantly. The rates were increasing in the private, not-for-profit market, and rightfully so, but there’s a desire to supplement overall mid-size D&O for carriers who also write private not-for-profit, and they see that as an opportunity to aggregate premium,” Schalick said. “So the always competitive landscape in the private, not-for-profit market has dramatically increased in the last 18 to 24 months.”

Still, companies of all sizes and types should be concerned about management liability rates in the future. Legal system abuse is resulting in increases in both the amount of litigation and the size of verdicts plaintiffs are receiving.

Certain areas of the country are particularly vulnerable to this type of legal system abuse. As a result, insureds in these localities are likely to be vulnerable to rate increases.

“The environment is so positive for the plaintiff that forces premium increases so carriers are able to stay in that market long term,” Schalick said.

Why a Tenured Carrier Partner Can Help Insureds Navigate An Uncertain Market

It’s clear that insureds are facing an uncertain M&PL market over the next few years. Fortunately, carriers with a long history in the M&PL space will be there to offer stability.

Philadelphia Insurance Companies has been supporting this market for 35 years. PHLY is committed to offering long-term rate stability, even as economic and claims trends start to push premiums upwards. They have an appetite for all sorts of companies, large and small, for-profit and nonprofit alike.

“We’ve been at this game for a long time and are one of the most tenured underwriters in this space,” Schalick said. “We like to stay very consistent.”

PHLY has worked with both for-profit and non-profit on management liability policies. With dedicated M&PL teams throughout the company’s 13 regions, PHLY provides the support agents and brokers are looking for on behalf of their clients. The teams know their regions well and can respond to local trends. They’re also dedicated to making the renewal process as easy as possible for their partners and policyholders.

“We have real confidence in our results, so we focus a lot on making the renewal experience as painless as possible for all agents and insureds,” Schalick said.

The company is also investing in tools to help insureds avoid losses. Earlier this year, they launched a new online risk management platform, PHLYGateway, which offers resources for insureds on how to create an employee handbook and trainings on issues such as recognizing workplace sexual harassment and discrimination.

If insureds have questions, they can consult a Best Practices Help Line, provided via the platform. That way, they can get on the spot risk management guidance to help them prevent claims.

To learn more, visit: https://www.phly.com/mplDivision/managementLiability/default.aspx.

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Philadelphia Insurance Companies. The editorial staff of Risk & Insurance had no role in its preparation.

Top 10 Cybersecurity Controls Commercial Insurance Underwriters Want to See

1) Comprehensive Multi-factor Authentication (MFA) plus Strong Password Controls