As the cost of cyber insurance rises, the number of organizations that cannot afford it will more than double – Help Net Security

The number of organizations that may not be able to afford cyber insurance, decline coverage, or have limited security will double in 2023, according to Huntsman Security.

Even for those with insurance, the perfect storm of constant attacks, tightening regulations and ever-increasing financial pressures makes it more likely that any attack on an organization will go unnoticed.

“Things like the food crisis, inflation and lack of skills are all adding to the challenges for organizations trying to follow their cybersecurity strategy. At the same time, rising insurance costs, limits on reimbursements, increased underwriting, and restrictions are all hindering the availability of cyber insurance, for many,” he said. Peter WoollacottCEO at Huntsman Security.

“Loss figures won’t improve until premiums match what’s paid. With the reduction of this insurance along with the increase in cyber threats and tightening regulations, many organizations are losing cyber insurance as an important risk management tool. Even those who can still get insurance are paying much higher prices.” ,” Woollacott continued.

With a third of UK businesses experiencing cyber attacks at least once a week, cyber insurance as part of risk management is essential. To close this gap, insurers want to improve risk information, so that premiums better reflect the true value of the risk. Unless organizations can demonstrate that they have the insurance controls in place to manage their security risk, insurers will continue to have difficulty quantifying that risk. It is for these reasons that insurers have changed the basis on which their products are issued to show the risk underwritten correctly.

In this area, improving and demonstrating security performance should now be a priority: for all organizations that are looking to improve their cyber resilience and improve their insurance eligibility, and for insurers that need to reduce their exposure to ensure the accuracy of insurance policies. risk pricing process. This may include:

  • Multi-factor authentication
  • The ultimate defense
  • Limited management positions
  • Patch OS/application
  • Employee awareness
  • Repeat frequently
  • Testing of business resilience planning
  • Disaster recovery planning

Forrester research, in their report “Top Cybersecurity Threats for 2022”, of April 2022, predicts that, as the level of risk information increases, it is possible that insurers will include the requirements of writing and focus on reducing the risk and the maturity of the security program. As we’ve seen, this is already happening as insurers develop more aggressive underwriting strategies. If other lines of insurance are any guide, as organizations begin to improve cyber risk management and control, insurers will adjust their pricing and pay organizations that can demonstrate improved security with higher insurance premiums.

The changing needs of both buyers and sellers in cybersecurity will no doubt lead to constant reshaping of the insurance market. Cyber ​​threats from third parties are an example.

“Organizations must not only protect themselves but have a responsibility to ensure that their supporters, partners and stakeholders do the same,” said Peter Woollacott. “The best way to achieve this is to follow good risk management practices to ensure your organization uses security measures to quickly identify and manage any cyber threats. This will give businesses the best chance to identify potential areas of cyber security weakness and, in the worst case scenario, still benefit and affordable cyber insurance that helps protect and restore operations.”

“Currently, the cyber insurance sector is driving security around the world. And even when lawmakers, regulators and courts act, it will still be insurers who want to improve their valuable knowledge that will establish security. Organizations must ensure that they can take advantage of the changes. wherever it is given to improve their security and their standing.”