Whether you realize it or not, your business is under siege from cybercriminals via phishing, ransomware, remote workforce stolen credentials, and a host of other cyber-attacks. There were 623.3 million ransomware attacks in 2020 and 236.1 million in the first half of 2022. The average ransomware payment in 2021 increased by 82% year over year to $570,000.
These threats demand an increasingly sophisticated cybersecurity profile to guard against unknown emerging attacks. One of the ways some businesses are financially protecting themselves against these attacks is by acquiring cyber insurance. For many companies, cyber insurance has become a lifeline in the event of a major incident. Unfortunately, 40% of U.S. businesses have either no cyber insurance or limits of $1 million or less, not considered enough to cover the cost of the average cyber-attack. Here are 3 things you should know about cyber insurance.
Insurance Industry is Evolving to Meet Cyber Threats
Due to substantial losses from cyber-attack claims made on traditional property casual policies, most insurance companies now have reclassified those policies under separate cyber insurance policies. As these companies gather more data on cyber-crime they are able to hone in and optimize their premiums.
Your Security Profile Matters
As the industry has begun to standardize on cyber insurance policies, carriers want to delve more deeply into your overall security profile. They now typically require a cyber security questionnaire to assess a company’s security controls. They typically look for 12 core controls they need to understand before determining what your premium will be. These controls will be revisited in the event you submit a claim so you should have rock solid security controls in place to ensure the claim is paid in full.
Preparation is Key
As you begin to acquire cyber insurance (CI), there are several important steps you must take. Leverage your third-party relationships to deploy and monitor your security controls in anticipation of the CI assessment. Assess the security questionnaire against your security controls and address insufficient controls. Contact an insurance broker long before your current policy expires to discuss your renewal. A broker plays a key role by leveraging multiple insurance companies for policy evaluation to get you the best premium rate. When you receive your proposal, ask for a better rate or retain coverage by documenting your practices and controls.
Having enough bandwidth for your internal IT staff to make sure your cybersecurity is up-to-speed can be challenging. That’s why many companies are turning to third party systems integrators and managed services companies like DynTek for a managed security services solution. We can help you take advantage of shared customer expertise and threat intelligence, provide 24x7x365 coverage, and scale and adapt to new threats while you focus on your primary business and core mission.
For more information on the evolving world of cyber insurance and setting yourself up to get the lowest possible premium, click here to register for our online briefing, Cyber Insurance Strategies: Mitigate Risk & Manage Premiums.
Number of ransomware attacks per year 2016-H1 2022, Statista Research Department, August 3, 2022.
 Cyber Security Statistics – The Ultimate List of Stats, Data, & Trends for 2022.PurpleSec LLC