Cyber Liability Insurance, EDR, and MDM

Ask business leaders what they’re most worried about this year (as commercial insurer Allianz does annually), and their most common reply is now ransomware, data breaches, and other cyber threats.

Those concerns aren’t unwarranted. According to one study sponsored by Apple, data breaches in the US increased by nearly 20 percent in the first nine months of 2023 compared to all of 2022. Ransomware attacks rose as much as 95 percent over 2022. Such attacks can compromise customer data or make it impossible for companies to conduct business for extended periods of time. 

Who pays to remediate such attacks? What can you and your company do to protect yourselves? One answer to both questions is cyber liability insurance.

What Is Cyber Liability Insurance?

Cyber liability coverage protects your company in the event of a data loss or breach due to malicious attacks on your computers or servers (cloud-based or locally hosted). Depending on the kind of coverage you have, your insurance provider may also help defend you in lawsuits that result from cyberattacks or other data-related incidents.

There are two different types of cyber liability insurance: The first type is first-party coverage, and it typically includes financial recovery for the direct costs of a breach, including:

• Legal counsel;
• Recovery and replacement of lost data;
• Lost business income;
• Customer notification, including call-center expenses;
• PR;
• Fraud and extortion related to data exposure;
• Forensic services to discover and remediate hardware and software vulnerabilities; and
• Fees, fines, and penalties.

Third-party coverage, on the other hand, protects you in the event that your company gets sued because of a breach. It typically covers:

• Payments to your customers;
• Lawsuit claims and settlements;
• Litigation expenses;
• Damages and judgments; and
• Accounting costs.

The Federal Trade Commission’s small business website has some excellent resources on cybersecurity and insurance that are useful for companies of any size. Those resources include quizzes to help you assess your exposure as well as advice about deciding on your coverage needs.

Cyber Liability Insurance Requirements

Before providing almost any kind of coverage, insurers will need you to meet certain requirements. In the case of cybersecurity insurance, a vendor won’t likely provide coverage unless you can demonstrate that you’ve taken steps to secure your network, hardware, and data. Those steps may include:

• Strong cybersecurity policies;
• Processes to make sure devices have the latest software updates;
• Ongoing user education about best security practices;
• Backup, recovery, and disaster recovery plans; and
• Some form of endpoint detection and response (EDR).

Most insurance companies will require you to perform a basic security audit yourself or commission a third-party security audit before giving you a quote. It’s also likely that you’ll need to document any remediations you’ve made after the original audit. 

When performing such an audit, it’s important to include devices that had access to organization resources but aren’t directly under company control (i.e., BYOD): According to one Microsoft study, about 90 percent of successful ransomware attacks started on such devices.

Cyber Insurance, MDM, and EDR

As the list above indicates, many security risks can be mitigated by users who get proper training and follow the necessary policies and by admins who do that training and formulate those processes. But automation can help even more. 

Specifically, your MDM solution can ensure that all endpoint devices are properly updated and that your company-specific security settings and policies are being enforced. That includes automatically pushing essential software and security updates, enforcing password protocols, and enabling FileVault. Such automation can, in turn, prove to an insurer that you’re fulfilling their security requirements.

MDM can also help by installing EDR software on Mac endpoints. Once installed, EDR will actively scan those devices for cyber threats and, if it detects any, automatically mitigate them and thereby minimize damage. (“Automatically” is important: As insurance companies tighten their qualifications for liability coverage, they will likely require automatic remediation, as well as EDR deployments that users can’t tamper with.)

Once devices are enrolled in your MDM system, you can automate all of these security steps, ensuring that company policies are being followed and that the appropriate EDR software is installed on each device, all without requiring any direct interaction from the user. 

Cyber liability insurance is a critical investment for any company, large or small. It provides financial security in the event of catastrophic data loss. Additionally, its requirements will help ensure that your network and hardware assets are as hardened as possible. MDM and EDR solutions alone are no guarantee that you’ll qualify for such coverage. But together, they can help make the case to carriers that you're taking the right steps to protect your Apple fleet. 

About Kandji

Kandji is the Apple device management and security platform that empowers secure and productive global work. With Kandji, Apple devices transform themselves into enterprise-ready endpoints, with all the right apps, settings, and security systems in place. Through advanced automation and thoughtful experiences, we’re bringing much-needed harmony to the way IT, InfoSec, and Apple device users work today and tomorrow.