Insurance against cyber crime is now standard protection for companies. But the insurance conditions depend on your own defense quality. The Sophos report on cyber insurance shows that those who have insurance are more likely to pay criminals ransom.
In the new report "The Critical Role of Frontline Cyber Defenses in Cyber Insurance Adoption", Sophos has examined the connections between defense quality, insurability and insurance conditions for companies. 95 percent of organizations that purchased a cyber insurance policy in the last year say the quality of their organization's cyber defenses directly impacts their insurance terms.
- For 60 percent, the quality influences the possibility of getting insurance cover at all
- 62 percent indicate an impact on the cost of coverage
- In 28 percent of the cases, the quality of defense influences the terms of the contract
In the meantime, an extremely large number of insured companies
🔎 Companies that have already been hit by ransomware said that getting coverage affected premiums: the qualities of defense capabilities determine the premium – those who have already been hit by ransomware have a harder time getting a contract (Picture: Sophos).
The report, The Critical Role of Frontline Cyber Defenses in Insurance Adoption, also states that cyber insurance adoption is now the norm. 91 percent of organizations have insurance coverage and 8 percent plan to purchase a policy within the next year. Insurance coverage, in turn, plays a role in companies' ability to recover from an attack.
Those who are insured are four times more likely to pay ransom for their data
Organizations with cyber insurance are better able to recover their data if it was encrypted in a ransomware attack:
- 98 percent with stand-alone policy and 97 percent with comprehensive insurance coverage are recoverable compared to 84 percent without coverage.
- Companies with stand-alone policies were almost four times more likely to pay the extortion fee to recover their data than those without insurance: 59 percent of companies with stand-alone cyber insurance paid the claim. In contrast, 37 percent of companies that purchased cyber insurance as part of a broader insurance policy and 15 percent of those that did not have cyber insurance paid the ransom.
"The quality of a company's cybersecurity measures Protection against active attacks is crucial. Organizations need to properly configure and manage security technologies while also responding effectively to threats, which requires expert skills,” said Raja Patel, senior vice president of products at Sophos. "With the industry-first threat detection and response capability Sophos meets its customers where they are and enables them to achieve excellent security results.”
background to the study
The data from The Critical Role of Frontline Cyber Defenses in Cyber Insurance Adoption study comes from an independent global study conducted in January and February 2023 among 3.000 cybersecurity/IT professionals in 14 countries.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.