In a world where insurers and their client companies alike must combat fast-shifting cybersecurity threats, experts cite practices that can at least minimize risk.
Arthur J. Gallagher & Co. does as much in its new report, “Protecting Security and Privacy in an Interconnected World.” The international insurance brokerage and risk management services firm recommends a number of best practices that can help. Among them:
- Cultivate a culture of security awareness, including the use of social engineering training and targeted employee phishing exercises.
- Make sure your company maintains strong network passwords, and require employees to change them every 30-90 days. Also, change factory default passwords on all computer equipment.
- Use secure remote access methods.
- Segment networks and make sure appropriate access controls are in place.
- Put into practice the use of all necessary software patches and updates.
- Use firewalls.
- When applicable, develop and enforce mobile device security policies such as encryption.
When in doubt, an incident response plan also can’t hurt. The Arthur J. Gallagher & Co. report said that such a document should detail how an organization will address either a known breach or potential one. It is also important to remember that reducing cyber risks involves collaboration with multiple departments, because the issue “involves more than an organization’s information technology team,” the report noted.
Click here to access the full report.
Source: Arthur J. Gallagher & Co.