Phishing-Resistant MFA Helps Businesses Reduce Risk And Costs In The Face Of A Rapidly Changing Cyber Insurance Landscape
Posted: Wednesday, Nov 29

i 3 Table of Contents

Phishing-Resistant MFA Helps Businesses Reduce Risk And Costs In The Face Of A Rapidly Changing Cyber Insurance Landscape
From KBI

To address and insulate themselves from the growing trend of cyber security breaches, more businesses are turning to insurance agencies for cyber insurance policies. While these policies have been around in some form since the late 1990s, the fast growing threat landscape and comparative youth of these policies means that rates and limits have fluctuated wildly as underwriters attempt to understand the risks and controls that insurers can enact. From the outside, it can appear to be similar to the “wild west” with spikes in premiums, sudden limits in coverage, and new and more stringent requirements to even classify for a policy.

As insurers better attempt to quantify and control for loss, the security policy and posture of customers looking for policies is often inspected. Customers who rely solely on traditional passwords [and soon legacy multi-factor authentication (MFA) tools] are no longer eligible to qualify for cyber insurance. Adopting modern, phishing-resistant MFA tools, including security keys like the YubiKey, will soon become mandatory to qualify for many cyber insurance policies and the best premiums. This is why we’re currently seeing a shift in how businesses are approaching cyber insurance around the world.

Tackling Cyber Threats Through Cyber Insurance 

Legacy authentication such as mobile-based MFA introduces risk when users become conditioned to hitting ‘approve’ for every request to authenticate (causing MFA fatigue) or are tricked by attacker-in- the-middle (AiTM) phishing attacks. However, the fault for these risks lies not with the user, but with legacy authentication. When it came time to replace legacy authentication, customer engagement specialist Afni knew that YubiKeys delivered phishing-resistant MFA that is needed for strong security and to qualify for the best cyber insurance premiums.

The YubiKey is a modern, multi-protocol hardware security key that enables FIDO and smart card-based phishing-resistant MFA and passwordless authentication at scale. As the only solution proven to stop 100 pr cent of account takeovers in independent research, the YubiKey offers strong authentication with a fast and easy user experience and addresses the stringent compliance needs of organisations at scale. Further, the YubiKey reduces risk associated with new ways of working that involve remote or hybrid work environments.

In a market where premiums have been on the rise, not only did Afni qualify for continued coverage, but the underwriters were also willing to compete on price.

“In the end, Afni received insurance at a 30 per cent decrease from its previous level. When I’m going down by a third and others are going up by 20 per cent or higher, that’s a really big win,” said Brent Deterding, chief information security officer (CISO), Afni. “In fact, I estimate our premiums are nearly half of what others are having to pay.”

New Cyber Policy From Generali Highlights Future Of Cyber Insurance

In addition to companies making adjustments to how they approach security for cyber insurance premiums, insurance companies themselves are aiming to greatly improve their offerings to be able to offer the most secure, easy-to-use solutions to their customers.

Generali, one of the largest global insurance and asset management providers in the world, believes that FIDO U2F/FIDO2 security keys are a critical, strong MFA solution to help their customers stay secure and reduce the risk from sophisticated cyberattacks. This is why the company recently unveiled a new cyber policy – called CyberRED – which gives customers a base package of 10 YubiKeys, with more options available for enterprise customers.

“Thanks to cooperation with MCX Group and Yubico, Generali is introducing an innovation in cyber insurance to the market – enhancing insurance protection with a risk prevention element in the form of FIDO U2F/FIDO2 keys,” said Michał Balwiński, cyber practice leader at Generali Polska. “I believe that brokers and customers will appreciate this solution, as it provides real protection in the face of a constantly growing cyber threat.”

“We are very pleased with our cooperation with Generali and MCX Group,” said Marcin Majchrzak, sales manager at Yubico. “This partnership enables us to continue our mission to educate users about cybersecurity threats and make the internet safer for everyone. We believe that our innovative technology and experience in the field of security will contribute to a significant reduction in cyber risk for Generali’s customers.”

To learn more about Afni’s ROI with cyber insurance and YubiKeys, check out the case study here. For more information on Generali CyberRed offering, visit their site.

The Production Team
The KBI Production Team is a staff of specialist technology professionals with a detailed understanding across much of cybersecurity and emerging technology. With many decades of collective industry experience, as well as expertise in marketing & communications, we bring news and analysis of the cybersecurity industry.
Share This