NJ Cyber Insurance Readiness Package

Cyber incidents are growing, and so are the rates and requirements of cyber insurance providers. To offer the best coverage at the best rates, carriers want to see that you have effective controls in place to reduce risk. In response, BMT has created a Cyber Insurance Readiness Package. We've listed the basic practices carriers are looking for, in addition to what is needed to receive the best-priced market coverage options. BMT clients have the necessary security requirements in place to receive the best possible coverage. Contact us to learn more!
  • EMAIL SECURITY
    -Turn on Multifactor Authentication

    Recommended for Best Rates:
    -Deploy an email protection solution to prescreen emails

  • BACKUPS
    -Deploy offsite or cloud backups for all critical data and systems
    -Ensure those critical systems, applications and processes can recover in <10 days

    Recommended for Best Rates:
    -Use backups that continuously test restore to a virtual machine
    -Use “immutable backups” that cannot be changed

  • NETWORK SECURITY
    -Deploy Multi-factor Authentication for all admin access and on any remote access
  • PATCHING
    Recommended for Best Rates:
    -Have a formal 30-day patching cadence, with critical and zero-day patching applied within 7 days
  • ENDPOINT SECURITY

    Recommended for Best Rates:
    -Deploy an endpoint detection and response solution

  • ENCRYPTION
    -If the applicant is a retailer, restaurant or online retailer, deploy end-to-end or point-to-point encryption on all point-of-sale terminals

    Recommended for Best Rates:
    -Encrypt all sensitive information at rest
    -Encrypt all sensitive information on mobile devices & laptops

  • SECURITY AWARENESS TRAINING
    Recommended for Best Rates:
    -At least annually, provide security awareness training for all staff
    -At least annually, provide training for executives and key personnel on fraudulent transfer schemes
  • PROCESSES AND PROCEDURES FOR WIRES AND FUNDS TRANSFERS
    -Put in place controls that require all funds and wire transfers over $25k to be authorized and verified by at least two employees before execution

    Recommended for Best Rates:
    -Prevent unauthorized employees from initiating wire transfers
    -Verify vendor/supplier bank accounts before adding them to accounts payable systems
    -Require out-of-band authentication before the execution of all electronic payments