When it comes to cyber insurance, the fine print matters

When it comes to cyber insurance, the fine print matters

Share post

When it comes to cyber insurance, companies are faced with rising premiums, lower coverage amounts and stricter IT security requirements.

Obtaining affordable and comprehensive cyber insurance is becoming increasingly time and resource consuming for companies. The process is increasingly taking six months or longer, as the “2023 State of Cyber ​​Insurance” report from Delinea, the specialist for solutions that seamlessly extend privileged access management, now shows. Insurers are also setting increasingly strict cybersecurity requirements for companies and increasing the number of exclusion criteria, which make taking out a cyber policy increasingly unattractive for potential customers.

The study* also reveals that the costs of taking out cyber insurance continue to skyrocket: 67 percent of those surveyed stated that the insurance rates increased by 50 to 100 percent when applying for or renewing the policy. At the same time, more and more companies are making claims to their insurers. Compared to last year's cyber insurance study, the number of companies that used their insurance more than once rose to 47 percent.

Protection against nasty surprises

When asked about insurance companies' top criteria that preclude coverage for claims, 43 percent of respondents cited lack of safety protocols, followed by human error (38%), acts of war (33%) and failure to follow proper compliance procedures (33%). . Companies are therefore required to carefully check the small print of their policies so as not to be stuck with high (partial) costs in an emergency.

“Over the last year it has become clear that cyber insurers have carefully analyzed the new data and drawn their conclusions from it. “In the early days of cyber insurance, they were all about meeting demand, but now they realize they need to reduce their own risk for both preventable and uncontrollable circumstances,” said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. “Our report findings also show that most companies are not approaching cyber insurance with the same level of care – many of them just want to get covered quickly. In doing so, they miss out on checking whether the policy they took out last year still meets their current needs or whether the policy changed when it was renewed. This insurance gap could fall on many companies' feet, for example if a cyber security incident occurs and the hoped-for financial safety net does not take effect.

driving forces

On a positive note, many organizations continue to invest heavily in cybersecurity solutions to effectively protect against threats while meeting the increasing cyber insurance requirements. 96 percent of companies purchased at least one security solution before their insurance application was approved. 81 percent also stated that they had received the necessary budget to successfully take out the desired cyber insurance. 36 percent said that management or the board were the driving force.

Effective access management

Given that the majority of cyberattacks occur using stolen credentials, it's no surprise that insurance providers are demanding appropriate security controls. 51 percent of those surveyed stated that identity and access management (51%) is required in their insurance policy, and almost as many (49%) have to provide privileged access management. Here too, company management is increasingly making budget available: 50 percent purchased IAM solutions, 45 percent purchased a password vault and 44 percent invested in PAM controls that are necessary to secure their insurance.

“If organizations don't already have these access control solutions in place, it's time to implement them before looking to purchase or renew cyber insurance,” adds Joseph Carson. "Because these are elementary security controls that - together with basic measures such as anti-malware software, data encryption, firewall, intrusion detection, patching and vulnerability management - ensure a comprehensive cybersecurity strategy."

More at Delinea.com


About Delinea

Delinea is a leading provider of Privileged Access Management (PAM) solutions that enable seamless security for modern, hybrid businesses. Our solutions enable organizations to secure critical data, devices, code and cloud infrastructure to reduce risk, ensure compliance and simplify security. Delinea removes complexity and redefines access for thousands of customers worldwide, including more than half of the Fortune 100 companies. Our customers range from small businesses to the world's largest financial institutions, organizations and critical infrastructure companies.


Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more