Professional Documents
Culture Documents
LOG IN
For Individuals For Business Claim Center Prepare & Prevent
Them ;Video=
Related Content
Watch on Cyber Terms 101
“Companies can have employee training that both prepares and tests employees to recognize and View More Cyber Insurance Options
respond to malicious phishing attempts,” says Tim Francis, Travelers Enterprise Cyber Lead. If a
phishing attempt is successful, having the proper security in place provides another line of defense:
protecting the rest of your network by segmenting the network and implementing strong
Need an Agent?
authentication between the network and important data.
Nearly two-thirds of confirmed data breaches involved leveraging weak, default or stolen passwords.2
Malware poses a serious threat, as it can capture keystrokes from an infected device even if
employees use strong passwords with special characters and a combination of upper- and lower- See All Cyber Content
case letters.
Still, strong passwords are the first line of defense against hackers, according to Tim Francis. “Use
multi-factor authentication, enforce strong password requirements, patch operating systems,
software and apps, and increase redundancy and bandwidth,” Francis says.
Disgruntled employees present an insider threat to data. Insider threats accounted for 15 percent of
breaches across all patterns,3 and they can be especially challenging for companies because
employees often have both access to data and knowledge of what is stored and where.
Restricting access to sensitive data to only employees with an immediate need to use the data can
help reduce the threat. Companies can limit, log and monitor internal account usage to protect
against rogue employees, as well as protect against external attackers disguising themselves as
legitimate users.
Bad actors have been modifying codes and implementing new ransom attack methods, sparking a
rise in ransomware as the fifth most common form of malware, up from the 22nd most common in the
2014 Verizon Data Breach Incident Report.4 Many companies are paying ransom, often via
anonymous bitcoin payments, to have their data restored.
“The people who fall victim to ransomware are not following the information security rules, including
encryption and frequent backups,” Pascal Millaire, Vice President and General Manager of Cyber
Insurance at Symantec. If you are able to independently restore the data, you will be less affected by
the ransom attempt, but you will still need to determine how the cyber thief gained access to your
network before making their ransom attempt.
Sources:
1 http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest-2017-perspective-is-
reality_xg_en.pdf
2 Ibid.
3 Ibid.
4 Ibid.
Travelers and The Travelers Umbrella are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries.
© 2022 The Travelers Indemnity Company. All rights reserved.