News
Will your cyber insurance cover an attack in 2023?
March 2023 by Nick Westall, CTO, CSI Ltd
The rise of ransomware attacks, and insurance companies paying hundreds of millions in cybersecurity-related claims each year are being blamed for organisations now facing rising cyber insurance rates, tightening of standards, and limiting coverage. With average ransom payments reaching $812,000 during 2021, the true cost of ransomware is in fact much more when the cost of downtime and reputational damage is factored in.
Cyber insurance protects businesses against internet-based risks, such as data breaches, cyber attacks and other threats. Policies generally cover expenses associated with a cyber incident such as investigation, legal fees, customer notification costs and regulatory fines.
However, the recent trend of insurance companies tightening their standards has been found to be a particular challenge for organisations with recent research by CSI Ltd[1] finding that only 2 in 10 (19%) security decision makers are fully confident that their cyber insurance will cover their cyber risk in 2023. Less than a third (29%) were fully confident that they were compliant with the new stricter terms that insurance companies are now stipulating.
Yet, the risk level only looks to increase. CSI Ltd’s research found that 78% of organisations believe the current cost-of-living crisis will increase the risk of a cyber threat occurring in their organisation. When asked what factors they anticipate will increase due to the economic climate, 43% said fraud and phishing attempts, 45% said new and emerging threats, 39% said greater risk of supply chain partners being breached and 34% said reduced budgets leading to lack of third-party services and tools.
Companies now need to demonstrate that they have taken adequate steps to safeguard their IT infrastructure before they are granted cyber insurance. It’s now essential to be proactive and implement effective security controls to thwart cyber-attacks. A reactive approach to identifying and responding to a cyber attack is no longer acceptable and will not only make it difficult to obtain cyber insurance, it will also put the company at significant risk of financial and reputational damage in the event of a breach.
Whilst the prospect of having no cover may be daunting, it perhaps serves as a point of reflection for companies to adequately reassess their own security posture and strengthen it where required. So how can organisations ensure that they are operating on the front foot when it comes to their cyber security posture?
Immutable backup and disaster recovery
One of the essential controls for an organisation is immutable backup and disaster recovery. Backups allow companies to restore their systems and data quickly after a cyber-attack, while immutable backups guarantee that the data is not altered or deleted, even by an attacker with administrative privileges. This ensures that a company can quickly recover from an attack without losing data or compromising the integrity of it.
Endpoint detection and response (EDR)
EDR is another control that should be included as part of an organisation’s arsenal to reduce cyber risk. EDR technology provides real-time visibility and response capabilities into the endpoints of a company’s network. This allows security teams to detect and respond to threats quickly.
Managed detection and response (MDR)
MDR is a service that combines technology with human expertise to monitor a company’s network and identify potential threats. It provides proactive defence against attacks by detecting and responding to them before they can cause harm.
Patch Management
A significant proportion of external breaches are due to unpatched vulnerabilities. A poor patching regime can have catastrophic consequences on systems, personally identifiable information, and intellectual property.
Keeping software and operating systems up to date with the latest security patches is crucial to prevent known vulnerabilities from being exploited by attackers. Patch management as a discipline also plays a crucial role in improving stability and functionality.
Multi-factor authentication (MFA)
MFA requires users to provide more than one form of authentication before accessing a system or application. This additional layer of security helps to prevent unauthorised access and protects against phishing attacks.
Strengthening security posture is the real win
Cyber insurance can bring peace of mind for organisations, after all, it’s not a case of ‘if’ but ‘when’ they may fall victim to a cyber-attack. Cyber insurance can help you recover from external attacks from bad actors as well as oversights from within the business, putting the focus back on the core operations.
However, taking a proactive approach to reducing your risk profile will increase your overall security stance – which is a win, regardless of whether you have cyber insurance or not.
