5 Reasons to Improve Your Cybersecurity Before Applying for Cyber Insurance
Cyber crime is on the rise and it’s driving business leaders to consider cyber insurance. According to an independent survey of 5,000 IT decision-makers*, 84% of mid-sized organizations have some form of cyber insurance. That is a high-water mark for the industry and trending even higher.
It’s important to recognize, however, that a cyber insurance policy should not be viewed as a substitute for diligent cyber security practices. They are a necessary duo in this environment of elevated risk, increasing recovery costs, and rising cyber insurance premiums.
The cost to recover from a cyberattack more thandoubled from $760K in 2020 to $1.85M in 2021
The cost of a standalone cyber insurance policy in the US climbed 28.6% in 2020
Good cybersecurity helps with cyber insurance
There is a direct relationship between cybersecurity and cyber insurance, and having strong cyber defenses in place can help in a number of ways:
1. Good cybersecurity makes it easier to get cyber insurance
In light of the challenges facing the cyber insurance market, providers are focusing increasingly on managing – and reducing – risk. Good cybersecurity can help you reduce your cyber risk which, in turn, makes you a more attractive prospect for cyber insurance coverage.
In fact, some types of protection and preparation are becoming prerequisites for obtaining coverage. Common requirements:
- Managed detection and response (MDR) services
- Endpoint or extended detection and response (EDR/ XDR) technologies
- Next-gen endpoint protection
- Incident response plans
2. Good cybersecurity helps reduce premiums
Just as an alarm and window locks reduce your home insurance premiums, having advanced IT defenses helps reduce your cyber insurance costs. While the insurers’ exact premium calculation algorithms are closely-guarded secrets, customers consistently say that the quality of their protection impacts their premiums.
Because we didn’t have EDR installed on 100% of our appliances, the insurance [costs] doubled.
Web hosting company, USA
3. Good cybersecurity reduces the likelihood of making a claim – and higher premiums in the future
As with other forms of insurance, if you make a claim, you can expect a significant increase in your premiums in subsequent years. By minimizing your risk of being impacted by a cyberattack you reduce the likelihood that you’ll need to call on your policy – and help keep your premiums down.
4. Good cybersecurity reduces the risks of non-payment
Poor IT security hygiene can prevent you receiving financial support in the event of an incident. If the insurer believes that you ‘left the door open’ through weak practices, they may have grounds to not pay out.
We do not pay for any claims, losses, breaches, privacy investigations or threats due to the use of outdated or unsupported software or systems.
Hiscox Cyberclear™ policy wording, UK, June 2021
By eliminating these gaps, you can help ensure that, should the worst happen, the insurance company will step in.
5. Good cybersecurity can minimize the impact and cost if an incident occurs
Responding quickly and appropriately to a cyberattack can significantly reduce the impact and cost of the incident. Having a malware incident response plan in place and being able to call on experienced incident responders will help you minimize the fall-out from the attack.
Good cybersecurity practices result in direct and indirect savings that could mean the difference between cyberattack prevention or fast recovery on one side and potentially crippling business outcomes on the other. If you’d like to have a conversation about your company’s cybersecurity, complete the form to the right to request a no-obligation consultation.
Referenced sources:
* The State of Ransomware, 2020, Sophos
