Cyber insurance: Is your business prepared for the second wave?
The cyber insurance market has matured rapidly over the past two years in the face of ever-evolving risk.
Factors such as increased ransomware activity and higher claims frequency and loss severity, coupled with soaring market demand, have brought us to what is referred to as the “second wave” of cyber insurance: a revolution in the way businesses are evaluated, underwritten and protected. The once “soft” cyber insurance market has now shifted its focus toward better understanding cyber-attack exposure and improving risk selection. Nearly every stakeholder in the cyber insurance market, whether reinsurers, underwriters or brokers, is narrowing in on the key initiatives they need to perform to achieve their desired business outcomes within the current threat landscape.
Where does this leave potential policyholders? This data-backed market shift requires more sophisticated cyber exposure evaluation, scanning and risk management strategy, along with powerful partnerships that keep customers protected throughout their entire policy period.
In the first half of 2022, 81% of network intrusion incidents stemmed from external exposure, in which an attacker exploits a system exposed to the public internet and gains access to the victim’s network or data. This is the easiest method by which threat actors find their victims, deploy ready-made exploits and carry out countless attacks via automated tools. For this reason, external exposure is easily the most impactful factor to control when protecting networks and qualifying for insurance.
But some types of external exposures are more prevalent than others. In the first half of 2022, 56% of all external exposures were caused by external exploits, in which a threat actor used a known vulnerability to gain access to the network before the organization could patch its system. These external exploits cost victim organizations 54% more than compromises caused by user action, which should lead security and IT leaders to prioritize patching and proactively addressing vulnerabilities in 2023. There’s good reason for this: since January 2022, nearly 1 in 4 organizations were targeted with an exploitation attempt against Log4Shell, one of the highest-profile exploits in recent memory.
Managing external exposure requires several practices, among them an up-to-date understanding of the threat landscape, installing security patches, enforcing multi-factor authentication on remote access tools, and proper configuration. To effectively address the exposure, many organizations, including the carriers reviewing their insurance application, have turned to external scanning technologies to find their potential network entry points before threat actors do. Since we know attackers are scanning the public internet for their opportunities, policyholders and carriers are now using the same methods to protect precisely what’s targeted by threat actors.
Underwriters in particular are more in alignment with this threat landscape than ever before. Insurance applications now require specific technical controls, their proof of performance and more sophisticated, sustainable practices than in previous policies. In this second wave of cyber insurance, many organizations may find themselves with immediate disqualifiers, or cyber security practices that are no longer insurable in the face of the latest threats. This dynamic between highly refined policy language and less experienced cyber policyholders leaves the market at large with a wide protection gap.
To close this protection gap, organizations can work closely with their insurance broker and security partners to evaluate, implement and effectively communicate the organization's security posture to underwriters. With strong partnerships connecting brokers, clients and their security services, not only can the proper security controls (including immediate disqualifiers and more sophisticated solutions) be implemented, but organizations can also realize enhanced insurance terms, including broader coverage, reduced deductibles (retention), higher limits or lower premiums.
With the right partners in place, the second wave of cyber can bring about a revolution in how organizations can learn about their external exposure, close their security gaps and rely on trusted security experts to keep their protections in place. As the insurance market continues to demand more sophisticated security from organizations, cyber exposure evaluation, scanning, threat intel-led risk management strategies, and powerful partnerships will bring us all closer to ending cyber risk.
Kevin Kiser is senior director, strategy, at Arctic Wolf. He may be contacted at [email protected].
© Entire contents copyright 2023 by InsuranceNewsNet.com Inc. All rights reserved. No part of this article may be reprinted without the expressed written consent from InsuranceNewsNet.com.