Avoid High Cyber Insurance Costs By Improving Active Directory Security
Organizations are investing more than ever to protect themselves from the looming threat of cybercrime. Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and 100% in 2023.
With the cost of premiums rising, the survey says it is becoming more difficult for companies to qualify for and obtain cyber insurance, CISOs and IT leaders are looking for ways to make their organizations more secure in the eyes of insurers.
Reinforcing Active Directory security is one way to protect an organization’s critical infrastructure and manage or even potentially reduce the costs of cyber insurance.
Why are cyber insurance rates rising?
Numerous factors contribute to the rising cost of cyber insurance premiums. As the impacts of cybercrime grow and evolve, cyber insurers will continue to raise their rates to provide coverage.
More remote work: The increase in remote work — hastened by lockdown orders during the COVID pandemic — means organizations have more devices accessing their systems from various locations, including personal devices and home networks. This increased attack surface gives hackers more potential entry points.
Increased cyberattacks: The number of cyberattacks continues to grow. In his report “The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase,” MIT professor Stuart Madnick revealed that there were more cyberattacks in the first nine months of 2023 than in all of 2022 combined.
More claims: As attacks grow, so too do cyber insurance claims. Access management firm Delinea’s “2023 State of Cyber Insurance Report” found that the vast majority of organizations with cyber insurance policies — 80% — have submitted a claim, and nearly half (47%) have submitted multiple claims.
Higher payouts: Ransomware gangs have been known to target organizations with cyber insurance, believing it will increase their odds of receiving a payout. SC Magazine reported that ransomware payouts skyrocketed in the past year, with the average payout rising from just over $812,000 in 2022 to more than $1.5 million in 2023.
Why Active Directory security matters
Active Directory is a key part of many organization’s IT networks, managing credentials, security policies, and controlling user access. But its central location makes it an extremely attractive target for cybercriminals.
If a bad actor can breach your end users’ Active Directory passwords, they can cause massive, mission-critical consequences — from disrupting your day-to-day operations to stealing confidential data and causing huge amounts financial damage.
What cyber insurers’ look for in Active Directory security
Cyber insurers are keenly interested in managing their own risks and, as a result, pay close attention to an organization’s risk management practices when determining whether to provide coverage. They know Active Directory is central to most business networks, so they pay extra close attention to how it’s secured.
Insurers understand that a well-secured Active Directory can drastically reduce the likelihood of a successful cyber-attack and often require evidence of your organization’s robust Active Directory security measures before they offer coverage.
Cyber insurers typically evaluate a number of Active Directory security measures, looking for a multi-faceted strategy that combines robust technical measures with rigorous policy enforcement:
Security audits and regular monitoring: Insurers favor organizations that conduct thorough security audits of their Active Directory environment, assessing all aspects, including configurations, user permissions, and group policies. Insurers will assess the frequency and depth of your audits, ensuring that your organization proactively identifies and addresses vulnerabilities. Interested in auditing? Run a free, read-only scan of your Active Directory today with Specops Password Auditor.
Block weak and compromised passwords: The most important step to increase the overall password security in your Active Directory environment is to block weak and compromised passwords. Enforcing compliance requirements, creating custom dictionaries of blocked words, and continuously scanning for compromised passwords will remove easy attack routes for hackers.
Access control and authentication protocols: Cyber insurers also look for strong Active Directory access control measures, including strict user authentication protocols like multi-factor authentication (MFA), which add an extra layer of security beyond passwords. Additionally, insurers will evaluate how your organization manages user permissions, favoring an organization that ensures users have the minimal level of access necessary to perform their roles.
Patch management and software updates: Insurers want to confirm that your organization is keeping Active Directory and all its related systems up-to-date and want proof your company has a robust patch management policy that ensures all your software is current and protected against known vulnerabilities. And they look beyond your Active Directory software, examining the servers’ operating systems and other infrastructure components on which you run Active Directory to ensure they’re also updated.
Protect privileged access and accounts: Domain admin accounts offer unparalleled access to your systems, so cyber insurers are especially interested in how you protect these accounts. Ensure that privileged accounts require multifactor authentication and enforce stronger password policies for your domain admin accounts than your regular users. Additionally, minimize the number of domain admin accounts available, understanding that many insurers see more than five domain admin accounts as “high risk.”
How to secure your Active Directory
To effectively address evolving cyber threats and reduce your organization’s cyber insurance-related financial risks, prioritize your Active Directory security.
Strengthening your cyber defenses — by implementing comprehensive security measures like regular audits, robust access control, and proactive patch management — will not only boost your cybersecurity but will also ensure your Active Directory is well-secured, helping you obtain critical cyber insurance coverage.
Specops Password Policy enforces a stronger Active Directory password policy, helps organizations block weak passwords that can be vulnerable to cyber-attacks and simplifies the management of fine-grained password policies.
The Breached Password Protection feature continuously and automatically scans your Active Directory for over 4 billion known compromised passwords, proving to insurers that you’re serious about enforcing effective password security.
Learn how Specops Password Policy not only automates password security but also helps users create stronger passwords in Active Directory with dynamic, informative client feedback.
Sponsored and written by Specops Software.