Cybersecurity insurance coverage market grew 61% in 2021 from a year earlier, reaching $6.5 billion in premiums, annual report says cyber insurance report issued by the National Association of Insurance Commissioners. Although online insurance companies are struggling to meet demandsome digital insurance platforms and cybersecurity advisors identify the most significant risks that need to be addressed.
According to the executives of MOXFIVE, a cybersecurity consulting firm, and embroiderera digital insurance platform.
Under the insurance, Ransomware became a big concern a few years ago, according to Mike Wager, founder and CEO of MOXFIVE. This has led to increased interest in endpoint detection and response (EDR) and multi-factor authentication (MFA), he says. EDR involves installing software on every system in a company, including virtual and physical workstations and servers. Yet, as noted in its recent “Insights” report for the first half of 2022, “MOXFIVE saw many environments where EDR agents were not fully installed, even though the organization’s leadership believed the technology was fully deployed. “.
Two years later, showing that you have EDR in place is now necessary to get a competitive quote for cybersecurity insurance, says Wager. Aside from the aspect of insurance coverage, simply having EDR, however, is not enough to provide comprehensive protection, according to Wager and MOXFIVE.
“Have you set the switches correctly? Are you guarding the front door, with all tool controls and switches? Are you guarding the rear door as well?” He asked. His company’s Insight report indicates that using a variety of data sources, including active network discovery scan results, is necessary to ensure that all systems in the technical environment a business are protected.
Ransomware attacks have become more sophisticated over the past couple of years, often encrypting enterprise backup operations before engaging in denial of service or other sabotage. In some cases, EDR, MFA and other security technologies such as Crowdstrike Falcon Prevent, Mandiant or Unit 42 were still insufficient.
“The industry is starting to get wiser and wiser, and we’re trying to help them figure out how to ask a better question based on what’s really going on,” Wager says. “He gets the job done, but then steps back and tries to educate.”
Cybersecurity insurance coverage must address the consequences of ransomware attacks, not just the immediate disruptions. “There are huge business interruption losses. There is downtime to restore all your systems, upgrade or re-install your hardware if it has been damaged. We will help a customer any throughout this process,” says David Derigiotis, Director of Insurance at embroidererwho is also an expert in cybersecurity and data privacy.
Ideally, an attack subject wouldn’t have to pay a ransom because they have the right backups and can easily restore systems without downtime, he added, but if that’s not possible, Embroker tries to minimize business damage and downtime.
In the case of Zurich Insurance Group, an insurer itself realized its vulnerability, with around 100,000 endpoints to defend. Zurich turned to Tanium, a cybersecurity and systems management company that provided IT tools and solutions for security and operations. “We were able to leverage Tanium in a unique way that addresses use cases that sit between the IT operations team and our cyber response team,” said Paige Adams, head of global security at Zurich. , in a press release. “It helps us troubleshoot issues such as internal misconfigurations or expedite a response effort to handle an IT severity incident.”
Just as EDR was created in response to ransomware, MFA security measures are intended to block compromised login credentials, sometimes caused by social engineering intrusions. According to MOXFIVE’s Wager, having MFA in place is now usually a prerequisite for cybersecurity coverage. Along with MFA, companies need to understand which accounts have access to their virtual private networks, added Jim Aldridge, vice president of partnerships at MOXFIVE. When hackers can’t find vulnerabilities in networks, compromising an identity is their next way to cause damage, he says.
As Adam Gladsden of Swiss Re said Previously, loss ratios in cybersecurity coverage are declining as ransomware claims have also declined, easing pressure on premium rates. Overall, the cybersecurity insurance market is growing and premium rates are falling after rising last year, according to MOXFIVE’s Wager.
“The volume of claims has gone down and the severity of claims has gone down, which means insurance companies have found a way to be more profitable,” he said. “You could say they figured out how to underwrite this better.”