- Published: Friday, 11 November 2022 09:26
Delinea published a new report showing that cyber insurance has not only become ubiquitous, but more than half of companies that have taken advantage of their coverage have used it more than once. As a result, insurers are pulling back to cover what’s most needed – with only about 30 percent of organizations saying their policy covers critical risks, including ransomware, ransom negotiation and ransom payment decision.
A survey for the report, conducted by Censuswide of 300 US-based IT decision makers, found that nearly 70 percent of organizations have applied for cyber insurance, with 93 percent approved when they applied, and 65 percent claims that the process took less than three. months. Although risk reduction is the main reason for application (40 percent), one-third (33 percent) of respondents claimed it was also due to requirements from executive management and boards, and 25 percent cited recent ransomware incidents as a primary decision quoted. manager.
So given the pressure coming from the top, it’s no surprise that 93 percent received the budget needed to purchase their cyber insurance policies, even though 75 percent of respondents said premiums increased in their last renewal.
“Executives and boards use cyber insurance to lower the costs associated with potential breaches. As a result, most organizations are scrambling to buy or renew a policy, even as insurers scale back what they will cover and simultaneously raise the price of coverage,” said Art Gilliland, CEO of Delinea. “Our report shows that insurers are increasingly requiring organizations to implement a broader set of security controls to try to reduce the number of customers using their policies. With 80 percent of companies using their insurance policies, it is expected that more advanced solutions are needed.”
Other top reasons cited for applying for cyber insurance were business contract requirements (24 percent) and recent data breaches (17 percent). The largest number of respondents (48 percent) indicated that their policy covers data recovery, while about a third indicated that it covers incident response, regulatory fines and third-party damages.
To qualify for cyber insurance, a majority of respondents (51 percent) confirmed that cybersecurity awareness training is a requirement, with just under half (47 percent) saying they need malware protection, antivirus software, multi-factor authentication ( MFA) must have ), and backup data. When asked how they met insurers’ requirements for Privileged Access Management, a similar percentage said they had suitable existing solutions (43 percent) than those who needed to acquire additional solutions (42 percent).
Delinea’s report, ‘Cyber Insurance – If You Get It, Be Ready to Use It’, is available at delinea.com/resources