Q&A talks with Tim Francis, the enterprise cyber lead at Travelers Cos., about cybersecurity and cyber insurance issues during the coronavirus pandemic.
Get Instant Access to This Article
Subscribe to Hartford Business Journal and get immediate access to all of our subscriber-only content and much more.
- Critical Hartford and Connecticut business news updated daily.
- Immediate access to all subscriber-only content on our website.
- Bi-weekly print or digital editions of our award-winning publication.
- Special bonus issues like the Hartford Book of Lists.
- Exclusive ticket prize draws for our in-person events.
Click here to purchase a paywall bypass link for this article.
Q&A talks with Tim Francis, the enterprise cyber lead at Travelers Cos., about cybersecurity and cyber insurance issues during the coronavirus pandemic.
Q. With a lot more people working from home these days, what are the added cybersecurity risks that employers should be aware of?
A. Companies to some extent were forced to react on the fly when COVID-19 hit, and may not have had the appropriate security protocols in place for the number of devices that were being used and how many people would be working from home.
In the work-from-home environment, there exists a difference in computer security — potentially with home routers, maybe even home devices. Not connecting directly to a corporate system invites more vulnerability and creates additional cyber risk.
There was some really interesting research that was done recently by BitSight, a cybersecurity rating firm. It found that networks being used to work from home are 3 ½ times more likely to have malware present than the standard corporate network. It reinforces the importance of taking cyber risks seriously.
Q. What are the best strategies employers should consider or implement to protect against cyber attacks as their workers work remotely?
A. Make sure that in a work-from-home environment, employees are cognizant of what emails they’re opening.
One click on the wrong link can lead to a big problem. It’s also ideal when company-issued laptops are connecting through a VPN even when remote, using multi-factor authentication and that they’re running appropriate antivirus software.
Or better yet, running endpoint detection and response (EDR) software.
Q. What has Travelers seen in terms of cybersecurity claims activity since COVID-19 hit?
A. Even before COVID-19 hit, we were seeing increased claim activity, particularly around ransomware as more and more cyber criminals were being successful with those exploits.
That has continued during COVID-19.
Yet-to-be-determined is what will happen as companies begin to transition back to the office. As companies begin bringing their employees back to the office, devices that might have been infected in the home environment could lead to an increase in problems when they begin reconnecting with a corporate network.
Q. Travelers recently announced a risk management offering with SentinelOne. What is the relationship and why did you adopt it?
A. We wanted to work with SentinelOne, a leading provider of endpoint detection and response (EDR) software, and make their monitoring services available to our cyber policyholders.
With the unprecedented number of employees working remotely, it could expose work-from-home devices to serious cyber threats. And if a cyber criminal gains access to an employee’s computer when the employee is working from home, once that worker returns to the office, it elevates concern and vulnerability because the criminal is likely now lurking in the corporate network.
This service from SentinelOne uses artificial intelligence to monitor every inch of a network and can detect and immediately respond to a possible cyber event.
Q. Will insurers have to update or develop new cybersecurity policies if more people working remotely becomes the new norm long term? Do policies currently treat remote workers differently from employees who work out of a company’s office?
A. Insurance carriers regularly review policy language and details to reflect the current environment and the needs of their customers.
The effects of COVID-19 won’t be any different, since the pandemic has impacted how many businesses conduct numerous parts of their operations, including employees working remotely. Those changes can create new or additional vulnerabilities, including in the cyber landscape.
At Travelers, we’ll continue to review our policies to make sure they are incorporating the relevant and appropriate exposures and provide the necessary insurance protections for our customers.
