What’s changing in the cybersecurity insurance world?
Cybersecurity insurance is still a pretty new concept for many small & medium-sized businesses. It was initially introduced in the 1990s to provide coverage for large enterprises. It covered things like data processing errors and online media.
Since then, the policies for this type of liability coverage have changed. Today’s cyber insurance policies cover the typical costs of a data breach, including remediating a malware infection or compromised account. here’s what you need to know.
Cybersecurity insurance policies will cover the costs for things like:
Recovering compromised data
Repairing computer systems
Notifying customers about a data breach
Providing personal identity monitoring
IT forensics to investigate the breach
Legal expenses
Ransomware payments
Data breach volume and costs continue to rise. 2021 set a record for the most recorded data breaches on record. And in the first quarter of 2022, breaches were up 14% over the prior year.
No one is safe. Even small businesses find they are targets. They often have more to lose than larger enterprises as well. About 60% of small businesses close down within 6 months of a cyber incident.
The increase in online danger and rising costs of a breach have led to changes in this type of insurance. As a result, the cybersecurity insurance industry is ever-evolving. Businesses need to keep up with these trends to stay protected.
Here are some cyber liability insurance trends you need to know:
Demand is Going Up
The average cost of a data breach is currently $4.35 million (global average). In the U.S., it’s more than double that, at $9.44 million. As these costs continue to balloon, so does the demand for cybersecurity insurance.
Companies of all types realise that cyber insurance is critical. It’s as essential as their business liability insurance. Without that protection, they can quickly go under in the case of a single data breach.
With demand increasing, cybersecurity insurance policies have greater availability, which is great for those seeking coverage.
Premiums are Increasing
With the increase in cyberattacks has come an increase in insurance payouts. As a result, insurance companies are increasing premiums to keep up. In 2021, cyber insurance premiums rose by a staggering 74%.
The costs from lawsuits, ransomware payouts, and other remediation have driven this increase. In addition, insurance carriers aren’t willing to lose money on cybersecurity policies. Thus, those policies are getting more expensive at the same time as they are more necessary.
Certain Coverages are Being Dropped
Certain types of coverage are getting more difficult to find. For example, some insurance carriers are dropping coverage for “nation-state” attacks. These are attacks that come from a government.
Many governments have ties to known hacking groups. So, a ransomware attack that hits consumers and businesses can very well be in this category.
In 2021, 21% of nation-state attacks targeted consumers, and 79% targeted enterprises. So, if you see that an insurance policy excludes these types of attacks, be very wary.
Another type of attack payout that is disappearing from some policies is ransomware. Between Q1 and Q2 of 2022, ransomware attacks increased by 24%.
Insurance carriers are tired of unsecured clients relying on them to pay the ransom. So many are excluding ransomware payouts from policies putting a more considerable burden on organisations. They need to ensure their backup and recovery strategy is well planned.
It’s Harder to Qualify
Just because you want cybersecurity insurance doesn’t mean you’ll qualify. Qualifications are becoming stiffer. Insurance carriers aren’t willing to take chances, especially on companies with poor cyber hygiene.
Some of the factors that insurance carriers look at include the following:
Network security
Use of things like multi-factor authentication
BYOD and device security policies
Advanced threat protection
Automated security processes
Backup and recovery strategy
Administrative access to systems
Anti-phishing tactics
Employee security training
When applying for insurance, you’ll often need to fill out a lengthy questionnaire, including several questions about your cybersecurity situation. Again, having your IT provider help you with this is a good idea. As you review the questions, your IT partner can identify security enhancements. Just like other forms of insurance, if you take steps to reduce risk, it can often reduce your premiums.
So, it pays to review cybersecurity before applying for cyber insurance. You can save yourself time and money. It can also fortify your defences against cyberattacks.
Need Help Making Sense of Cybersecurity Policies?
Cybersecurity coverage and insurance applications can be complex. If you answer a question incorrectly, it can mean paying hundreds more premiums than you should.
If you’re considering cybersecurity insurance, don’t go it alone. Instead, give us a call and schedule a consultation. We can explain the policy details and provide guidance. get in touch.
This article is used with permission from The Technology Press.