Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
2026-02-20 10:30 Author: thehackernews.com

Cyber Insurance / Password Security

With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk. 

For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are increasingly influential in how cyber risk and insurance costs are evaluated.

Understanding the identity-centric factors behind these assessments is critical for organizations seeking to demonstrate lower risk exposure and secure more favorable insurance terms.

Why identity posture now drives underwriting

With the global average cost of a data breach reaching $4.4 million in 2025, more organizations are turning to cyber insurance to manage financial exposure. In the UK, coverage has increased from 37% in 2023 to 45% in 2025, but rising claims volumes are prompting insurers to tighten underwriting requirements. 

Credential compromise remains one of the most reliable ways for attackers to gain access, escalate privileges, and persist within an environment. For insurers, strong identity controls reduce the likelihood that a single compromised account can lead to widespread disruption or data loss, supporting more sustainable underwriting decisions.

What insurers want to see in identity security

Password hygiene and credential exposure

Despite the growing use of multi-factor authentication and passwordless initiatives, passwords still play a key role in authentication. Organizations should pay particular attention to the behaviors and issues that increase the risk of credential theft and abuse, including: 

  • Password reuse across identities, particularly among administrative or service accounts, increases the likelihood that one stolen credential leads to broader access.
  • Legacy authentication protocols are still common in networks and frequently abused to harvest credentials. NTLM persists in many environments despite being functionally replaced by Kerberos in Windows 2000.
  • Dormant accounts with valid credentials, which act as unmonitored entry points and often retain unnecessary access.
  • Service accounts with never-expiring passwords, creating long-lived, low-visibility attack paths.
  • Shared administrative credentials, which reduce accountability and amplify the impact of a single compromise.

From an underwriting perspective, evidence that an organization understands and actively manages these risks is often more important than the presence of individual technical controls. Regular audits of password hygiene and credential exposure help demonstrate maturity and intent to reduce identity-driven risk.

Privileged access management

Privileged access management is a critical measure of an organization’s ability to prevent and mitigate breaches. Privileged accounts can have high-level access to systems and data, but are frequently over-permissioned. As a result, insurers pay close attention to how these accounts are governed.

Service accounts, cloud administrators, and delegated privileges outside central monitoring significantly elevate risk. This is especially true when they operate without MFA or logging.

Excessive membership in Domain Admin or Global Administrator roles and overlapping administrative scopes all suggest that privilege escalation would be both rapid and difficult to contain. 

Poorly governed or unknown privileged access is typically viewed as higher risk than a small number of tightly controlled administrators. Security teams can use tools such as Specops Password Auditor to identify stale, inactive, or over-privileged administrative accounts and prioritize remediation before those credentials are abused.

Specops Password Auditor - Dashboard

When determining the likelihood of a damaging breach, the question is straightforward: if an attacker compromises a single account, how quickly can they become an administrator? Where the answer is “immediately” or “with minimal effort,” premiums tend to reflect that exposure.

MFA coverage 

Most organizations can credibly state that MFA has been deployed. However, MFA only meaningfully reduces risk when it is consistently enforced across all critical systems and accounts. In one documented case, the City of Hamilton was denied an $18 million cyber insurance payout after a ransomware attack because MFA had not been fully implemented across affected systems.

While MFA isn’t infallible, MFA fatigue (push-bombing) attacks first require valid account credentials and then depend on a user approving an unfamiliar authentication request, an outcome that is far from guaranteed.

Meanwhile, accounts that authenticate via older protocols, non-interactive service accounts, or privileged roles exempted for convenience all offer viable bypass paths once initial access is achieved.

That’s why insurers increasingly require MFA for all privileged accounts, as well as for email and remote access. Organizations that neglect it may face higher premiums.

Four steps to improve your identity cyber score 

There are many ways organizations can improve identity security, but insurers look for evidence of progress in a few key areas:

  1. Eliminate weak and shared passwords: Enforce minimum password standards and reduce password reuse, particularly for administrative and service accounts. Strong password hygiene limits the impact of credential theft and reduces the risk of lateral movement following initial access.
  2. Apply MFA across all critical access paths: Ensure MFA is enforced on remote access, cloud applications, VPNs, and all privileged accounts. Insurers increasingly expect MFA coverage to be comprehensive rather than selectively applied.
  3. Reduce permanent privileged access: Limit permanent administrative rights wherever practical and adopt just-in-time or time-bound access for elevated tasks. Fewer always-on privileged accounts directly reduce the impact of credential compromise.
  4. Regularly review and certify access: Conduct routine reviews of user and privileged permissions to ensure they align with current roles. Stale access and orphaned accounts are common red flags in insurance assessments.
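The checks behind the password-hygiene list, the privileged-access section, the MFA-coverage section and the four steps above, as an added example that is not part of the original article or of Specops' product: it audits a constructed directory export (hypothetical schema; the same fields can be pulled from Get-ADUser or an Entra ID export) for dormant accounts, never-expiring service-account passwords, privileged accounts without MFA, password reuse and over-sized admin groups, then turns the findings into an illustrative score. The weights and the 90-day dormancy and admin-cap thresholds are assumptions, not an insurer's formula.

```python
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import date

@dataclass  # one row of a constructed directory export (hypothetical schema, not Specops output)
class Account:
    name: str
    enabled: bool
    last_logon: "date | None"     # None = never logged on
    password_never_expires: bool
    pw_hash: str                  # constructed placeholder, not a real hash
    is_service: bool = False
    groups: list = field(default_factory=list)
    mfa_enrolled: bool = False

PRIVILEGED = {"Domain Admins", "Global Administrator"}

def audit(accounts, today, dormant_days=90, admin_cap=5):
    """Flag the hygiene issues the article lists; disabled accounts are skipped."""
    f = {"dormant": [], "never_expiring_service": [], "privileged_without_mfa": []}
    by_hash = defaultdict(list)
    for a in accounts:
        if not a.enabled:
            continue
        by_hash[a.pw_hash].append(a.name)
        if a.last_logon is None or (today - a.last_logon).days > dormant_days:
            f["dormant"].append(a.name)                   # unmonitored entry point
        if a.is_service and a.password_never_expires:
            f["never_expiring_service"].append(a.name)    # long-lived, low-visibility credential
        if not a.mfa_enrolled and PRIVILEGED & set(a.groups):
            f["privileged_without_mfa"].append(a.name)    # the exemption insurers ask about
    f["admins"] = [a.name for a in accounts if a.enabled and PRIVILEGED & set(a.groups)]
    f["reused_passwords"] = [n for n in by_hash.values() if len(n) > 1]  # same hash = same password
    f["excessive_admins"] = len(f["admins"]) > admin_cap
    return f

WEIGHTS = {"dormant": 5, "never_expiring_service": 10, "privileged_without_mfa": 20, "reused_passwords": 10}
def score(findings):
    """Illustrative 0-100 identity score; the weights are assumptions, not an insurer's formula."""
    penalty = sum(WEIGHTS[k] * len(findings[k]) for k in WEIGHTS)
    return max(0, 100 - penalty - (15 if findings["excessive_admins"] else 0))

TODAY = date(2026, 2, 20)  # evaluation date for the constructed sample export below
SAMPLE = [
    Account("alice", True, date(2026, 2, 19), False, "h1", groups=["Domain Admins"], mfa_enrolled=True),
    Account("bob", True, date(2025, 9, 1), False, "h2"),                          # dormant (> 90 days)
    Account("svc_backup", True, date(2026, 2, 18), True, "h3", is_service=True),  # never-expiring service password
    Account("carol", True, date(2026, 2, 1), False, "h1", groups=["Global Administrator"]),  # admin without MFA, shares h1
    Account("olduser", False, None, False, "h4"),                                 # disabled: ignored
]
```

Running `audit(SAMPLE, TODAY)` flags bob as dormant, svc_backup for its never-expiring password, carol as a privileged account without MFA and the alice/carol pair for password reuse; re-running after each of the four steps shows the score rising as findings clear.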

Insurers increasingly expect organizations to demonstrate not only that identity controls exist, but that they are actively monitored and improved over time.

Specops Password Auditor supports this by providing clear visibility into password exposure within Active Directory and enforcing controls that reduce credential-based risk.

To understand how these controls can be applied in your environment and aligned with insurer expectations, speak with a Specops expert or request a live demo.

This article is a contributed piece from one of our valued partners.


Source: https://thehackernews.com/2026/02/identity-cyber-scores-new-metric.html