In an increasingly digital world, the importance of cyber insurance cannot be understated. According to a recent report published by Delinea, a prominent provider of Privileged Access Management (PAM) solutions, there is a significant gap emerging between insurance carriers and organizations in terms of obtaining affordable and comprehensive coverage.
The report, titled the “2023 State of Cyber Insurance,” is based on a survey conducted by Censuswide on behalf of Delinea. The survey included responses from over 300 organizations in the United States and aimed to uncover new trends and evolving patterns in the cyber insurance industry.
One of the key findings of the report is that the time and effort required to obtain cyber insurance is increasing significantly. In fact, the number of companies requiring six months or more to obtain or renew their cyber insurance has skyrocketed compared to previous years. This poses a challenge for organizations that need immediate coverage in order to protect themselves against cyber threats.
Furthermore, the report highlights that the demand for cyber insurance continues to rise, with 47% of companies using their cyber insurance more than once. However, this increased demand has led to higher insurance rates, with 67% of respondents noting a 50-100% increase in rates upon application or renewal.
While organizations are eager to secure cyber insurance coverage, the report also emphasizes the importance of understanding the exclusions within policies. Lack of security protocols, human error, acts of war, and failure to follow compliance procedures are among the exclusions that could void cyber insurance coverage. This means that even if organizations are able to obtain affordable coverage, their claims may still be denied or reduced due to the fine print.
Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, states that cyber insurers are growing more mature and cautious as they learn from their own data. He highlights that organizations need to approach cyber insurance with diligence and ensure that their policies align with their evolving needs.
To address these challenges, many organizations are investing in cybersecurity solutions to protect their assets and meet the requirements set by insurance providers. The report reveals that 96% of organizations purchased at least one security solution before their cyber insurance application was approved. Additionally, 81% of respondents received the necessary budget to obtain their desired cyber insurance policy, as it is now a requirement from Boards of Directors and executive management teams.
In terms of specific security controls, the report notes that Identity and Access Management (IAM) and Privileged Access Management (PAM) are essential. Approximately 51% of respondents reported that IAM controls are required by their cyber insurance policies, while 49% stated that PAM controls are necessary. As a result, organizations are proactively investing in these solutions to strengthen their cybersecurity posture.
Joseph Carson emphasizes the importance of implementing access control solutions before shopping for or renewing cyber insurance. He notes that these controls, along with basic cybersecurity measures such as anti-malware software, data encryption, firewalls, and intrusion detection, are crucial components of a comprehensive cybersecurity strategy.
In conclusion, the “2023 State of Cyber Insurance” report from Delinea highlights the growing gap between insurance carriers and organizations with regards to obtaining affordable and comprehensive cyber insurance coverage. The report underscores the need for organizations to approach cyber insurance with diligence and stay updated on policy changes. Additionally, the importance of investing in cybersecurity solutions, such as IAM and PAM controls, is emphasized to meet the requirements set by insurance providers and enhance overall security.