In this opinion article, Scott Hesford argues that while cyber insurance is an important instrument for managing risk, organisations must still focus on ensuring they are effectively and responsibly managing cyber risk. He says that this entails implementing the right security controls and employee cyber awareness training and goes on to outline the five key controls that all businesses should strive to implement and demonstrate maturity in: multifactor authentication for email, remote network access, and privileged/admin access; back-ups that are encrypted and kept out of reach of ransomware; endpoint detection and response; employee awareness training; and a cyber incident response plan (that has been tested).

Read the full story here:

Prefers reduced motion setting detected. Animations will now be reduced as a result.