How Insurance is Driving Motivation for Better Cybersecurity

A Sophos survey highlighted how insurance seems to be a driving factor for companies to improve their cyber defences

In a survey that shows the complexity of the growing cyber threat landscape, cybersecurity company Sophos highlighted how 76% of companies have improved their cyber defences to qualify for cyber insurance.

The survey, which included responses from 5,000 IT and cybersecurity leaders across 14 countries, found that 97% of those with a cyber insurance policy had invested in enhancing their defences. 

This investment was primarily driven by the need to qualify for coverage (76%), obtain better pricing (67%), and secure improved policy terms (30%).

However, the report, titled "Cyber Insurance and Cyber Defences 2024: Lessons from IT and Cybersecurity Leaders," could highlight the fact that checking boxes to be compensated for an attack may be coming ahead of actual preparedness.

“While cyber insurance is beneficial for companies, it is just one part of an effective risk mitigation strategy. Companies still need to work on hardening their defences,” said Chester Wisniewski, Director, Global Field CTO of Sophos. “A cyberattack can have profound impacts for a company from both an operational and a reputational standpoint, and having cyber insurance doesn’t change that.”

Issues in insurance and defence

Cyber insurance is a specialised insurance product designed to help organisations mitigate the financial risks associated with cyber incidents, such as data breaches, ransomware attacks, and other forms of cybercrime. 

It typically covers costs related to incident response, legal fees, public relations efforts, and sometimes even ransom payments. However, as the Sophos survey indicates, the coverage limits of these policies often fall short of the actual recovery costs, highlighting the need for companies to invest in robust cybersecurity measures.

However, the report also revealed a concerning trend for companies that do have insurance: costs associated with recovering from cyberattacks are outpacing the coverage provided by insurance policies.

Only 1% of respondents who made a claim reported that their insurance carrier covered 100% of the costs incurred during remediation. 

The primary reason for this shortfall was that the total recovery costs exceeded the policy limits. According to the "State of Ransomware 2024" survey, the average recovery cost following a ransomware incident has surged by 50% over the past year, reaching US$2.73m.

Ransomware has been on a rampage of late. Already, halfway through 2024, we have seen one of the biggest attacks on a US healthcare provider, a UK hospital having to shut down over a breach, and US car dealership software provider CDK Global shutting down most of its operations, leaving 15,000 auto retailers offline.

“The Sophos Active Adversary report has repeatedly shown that many of the cyber incidents companies face are the result of a failure to implement basic cybersecurity best practices, such as timely patching,” said Chester. “In our most recent report, compromised credentials were the number one root cause of attacks, yet 43% of companies didn’t have multi-factor authentication enabled.”

Indeed, a recent Mandiant analysis of the data theft at cloud computing giant Snowflake, which affected as many as 165 of Snowflake's 9000+ customers worldwide, showed that the three factors common to the affected companies included a lack of multi-factor authentication (MFA) and reuse of credentials found to have been compromised in previous attacks.

Positives of qualifying

The survey also found that 99% of companies that improved their defences for insurance purposes reported broader security benefits beyond just qualifying for coverage. These benefits included enhanced protection, freed IT resources, and fewer security alerts. 

Currently, Telecommunications, Media, and Technology (TMT) companies are some of the leaders in terms of cybersecurity, seeing a staggering 125% increase in cybersecurity budgets between 2019 and 2023.

“Investments in cyber defences appear to have a ripple effect in terms of benefits, unlocking insurance savings that organisations can divert into other defences to more broadly improve their security posture,” Chester remarked. “As cyber insurance adoption continues, hopefully, companies’ security will continue to improve. Cyber insurance won’t make ransomware attacks disappear, but it could very well be part of the solution.”

While insurance provides a safety net, the Sophos survey shows that robust defences are essential to mitigate the growing threat landscape effectively.

And although the investment is being spurred by qualifying for coverage, the report's finding that many companies soon see the benefit of investing in their cybersecurity may mean that attackers may not have the advantage in the future.

Cyber Magazine is a BizClik brand