Professional Insurance Programs

Managing Cyber Risk

In a world where more and more people and devices are connected to the Internet, greater focus must be placed on security and privacy. While the Internet has opened us up to a world of possibilities and global connectivity to millions, the very strength of the network – the speed, openness and access – creates a myriad of vulnerabilities. Additionally, securing a business’ network grows infinitely more complex as information pours in from thousands of devices through public web-based and cloud service providers.

Organizations must educate their employees, clients, and vendors to these risks and take the appropriate actions to protect their information. Follow these security essentials to create a more secure environment for your business:

Build a risk-aware culture

Whether you open a dubious attachment, use an infected flash drive or fail to install a security patch on your laptop, everyone is at risk. Educate your employees about cyber risks and the measure they can take to protects themselves and the company.

Manage and report all incidents

Report all cyber attacks and potential attacks. Security breaches that occur at different companies or different locations may be related, but this can only be discovered if incidents are reported and analyzed.

Defend the workplace

Ensure all devices connected to a network – from a laptop to a printer to a smart TV – are up to date with the latest security software and follow all cyber security management and policy enforcement.

Security by design

One of the biggest vulnerabilities in information systems – and wastes of money – comes from implementing services first and add security on as an afterthought. Build security into your network from the beginning and maintain regular tests to track conformance and compliance.

Keep it clean

Cyber criminals target people and businesses are that using old, out of date software. Maintain a comprehensive security system and install necessary updates and patches as they are releases.

Control network access

Companies that channel registered data through monitored access points will have a far easier time spotting and isolating malware.

Security in the clouds

If your company utilizes public cloud data centers, ensure you have the tools and procedures in place to monitor possible threats and isolate your data from other company in that data center.

Patrol the neighborhood

Ensure your vendors and clients are also aware of your risk-aware culture.

Protect the company’s crown jewels

Every company has crown jewels, whether it is scientific data, acquisitions documents, or clients financial and person information. Whenever your company carries out an inventory, with critical data should get special treatment, guarded, tracked and encrypted as if the company’s survival depends on it.

Track who’s who

Ensure you have procedures in place to manage the access and permissions of your employees. If an employees leaves, you must have the control to revoke any access they have to company, client and vendor information.

For more information on cyber security, contact Professional Insurance Programs at 800-637-4676 or

Source: IBM Security Intelligence 2015