When it comes to cyber insurance, companies are faced with rising premiums, lower coverage amounts and stricter IT security requirements.
Obtaining affordable and comprehensive cyber insurance is becoming increasingly time and resource consuming for companies. The process is increasingly taking six months or longer, as the “2023 State of Cyber Insurance” report from Delinea, the specialist for solutions that seamlessly extend privileged access management, now shows. Insurers are also setting increasingly strict cybersecurity requirements for companies and increasing the number of exclusion criteria, which make taking out a cyber policy increasingly unattractive for potential customers.
The study* also reveals that the costs of taking out cyber insurance continue to skyrocket: 67 percent of those surveyed stated that the insurance rates increased by 50 to 100 percent when applying for or renewing the policy. At the same time, more and more companies are making claims to their insurers. Compared to last year's cyber insurance study, the number of companies that used their insurance more than once rose to 47 percent.
Protection against nasty surprises
When asked about insurance companies' top criteria that preclude coverage for claims, 43 percent of respondents cited lack of safety protocols, followed by human error (38%), acts of war (33%) and failure to follow proper compliance procedures (33%). . Companies are therefore required to carefully check the small print of their policies so as not to be stuck with high (partial) costs in an emergency.
“Over the last year it has become clear that cyber insurers have carefully analyzed the new data and drawn their conclusions from it. “In the early days of cyber insurance, they were all about meeting demand, but now they realize they need to reduce their own risk for both preventable and uncontrollable circumstances,” said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. “Our report findings also show that most companies are not approaching cyber insurance with the same level of care – many of them just want to get covered quickly. In doing so, they miss out on checking whether the policy they took out last year still meets their current needs or whether the policy changed when it was renewed. This insurance gap could fall on many companies' feet, for example if a cyber security incident occurs and the hoped-for financial safety net does not take effect.
driving forces
On a positive note, many organizations continue to invest heavily in cybersecurity solutions to effectively protect against threats while meeting the increasing cyber insurance requirements. 96 percent of companies purchased at least one security solution before their insurance application was approved. 81 percent also stated that they had received the necessary budget to successfully take out the desired cyber insurance. 36 percent said that management or the board were the driving force.
Effective access management
Given that the majority of cyberattacks occur using stolen credentials, it's no surprise that insurance providers are demanding appropriate security controls. 51 percent of those surveyed stated that identity and access management (51%) is required in their insurance policy, and almost as many (49%) have to provide privileged access management. Here too, company management is increasingly making budget available: 50 percent purchased IAM solutions, 45 percent purchased a password vault and 44 percent invested in PAM controls that are necessary to secure their insurance.
“If organizations don't already have these access control solutions in place, it's time to implement them before looking to purchase or renew cyber insurance,” adds Joseph Carson. "Because these are elementary security controls that - together with basic measures such as anti-malware software, data encryption, firewall, intrusion detection, patching and vulnerability management - ensure a comprehensive cybersecurity strategy."
More at Delinea.com
About Delinea Delinea is a leading provider of Privileged Access Management (PAM) solutions that enable seamless security for modern, hybrid businesses. Our solutions enable organizations to secure critical data, devices, code and cloud infrastructure to reduce risk, ensure compliance and simplify security. Delinea removes complexity and redefines access for thousands of customers worldwide, including more than half of the Fortune 100 companies. Our customers range from small businesses to the world's largest financial institutions, organizations and critical infrastructure companies.
Matching articles on the topic