An analysis of insurance claims data has revealed that businesses using a managed detection and response (MDR) provider can reduce the median response time to a cyber incident by half. This significant decrease in response time corresponds with a dramatic reduction in the impact of each incident. The reduction in response time and incident severity has caught the attention of at least one cyber insurance firm, which is considering offering discounts on policy premiums based on the type of technology a company has implemented.
Cyber insurance firm Coalition has discovered that by enhancing major endpoint detection and response (EDR) platforms with the expertise of cybersecurity professionals, companies experience fewer and less severe incidents. “What we’re seeing from our data is that there’s a set of foundational security controls that actually move the needle,” explains Tiago Henriques, vice president of research for Coalition. Companies that have deployed MDR technology are eligible for credits on their cyber insurance premiums. However, unmanaged EDR platforms do not merit the discount.
The findings are in line with expectations, as cybersecurity and incident-response experts are better equipped to handle security events on a regular basis. According to Jeff Pollard, vice president and principal analyst with business intelligence firm Forrester Research, MDR services save clients significant time and reduce the cost of incident response.
Additionally, Coalition has found that organizations using Google Workspace had a significantly lower financial transaction fraud (FTF) claims rate compared to those using Microsoft Office 365. Insecure email systems, particularly business email compromise and email in general, have been identified as major sources of insurance claims by the firm.
Coalition’s data-focused approach to insurance has the potential to collect the most accurate data on what cybersecurity products are effective. As a result, the firm can recommend specific solutions to businesses based on their impact on reducing and preventing claims. However, it is important to note that the most secure technologies may not necessarily result in policy savings, according to Forrester’s Pollard.
In conclusion, while cyber insurance firms may not necessarily lead to better cybersecurity products, they are likely to become less willing to insure unreliable or problematic technologies. The use of accurate data on effective cybersecurity products, coupled with insurance incentives, could lead to businesses making more informed decisions about their cybersecurity investments.