What can firms do to protect themselves? There is no such thing as 100% secure when it comes to cyber security. The recent SolarWinds & Microsoft Exchange Server breaches demonstrates that a well-resourced hacker can hack any system, including the US government. However, there are some core cyber risk management tools that every organization should consider.

Email controls & security – first line of defense against ransomware events. Use of an email filtering gateway, DKIM, SPF and DMARC will reduce (but not eliminate) the threat posed hackers.

Multi-Factor Authentication (MFA), especially for all remote access, critical applications, back-ups and privileged accounts.

Utilize an endpoint detection and response tool – in the current environment, endpoint protection alone is no longer good enough. Insurers will want to see firms use endpoint detection and response tools before offering terms.

Secure back-ups – increasingly back-ups are also encrypted by the hackers. Secure back-ups are essential – segregated from the network, offline, backed up on to tapes, access via MFA. And test the back-ups frequently.

Training – one of the weak links in most companies’ defense to hackers is their people. So, train and test all people with connectivity to the network in information security awareness, especially phishing threats running regular phishing campaigns. Share results. Give feedback. And continue to train/educate your people.

Maintain good cyber security hygiene – no unsupported software/systems within the network, regular patching, monitoring and logging of access and suspicious activity, have separate credentials for privileged access, limit local administration rights access and employ a strong password policy, with an enhanced version for employees with administration rights.