In 2022, cyber risks are among the most crucial risks, with an increase in cyber attacks of +400% over the previous year. With the idea of protecting you against the losses caused by a cyberattack, we recently hosted a webinar on the challenges of cybersecurity insurance.
Why do we need cybersecurity insurance
Cyber risks are at the heart of any company’s risk transfer strategy. As this graph shows, we see that the main causes of losses among SMEs are: human error, phishing, fraudulent emails, hacking, and ransomware. The latter being the highest with 264M loss! (NetDiligence, 2021)
In this context, cybersecurity insurance ensures the sustainability of the company in the event of a disaster and revenue loss. Cybersecurity insurance covers a wide spectrum of events such as technical incidents, human errors, fines and ransoms, damage caused by malware. The insurance will cover many costs and financial damage caused by this type of incident.
In addition to the reimbursement of the costs incurred, the insured also benefits from the support of a team of dedicated experts, during and after the incident. Thus, IT, legal and communication experts will be able to provide you with their knowledge to help you in each of the spheres impacted by a cyberattack.
What is the state of the cyber insurance market
The cyber insurance market has come a long way since the first coverage offerings. The protections are now a little more uniform between the various insurers than before, but not all insurers have the same approach.
Following the resurgence of computer attacks, and therefore the increase in risk, the sharp rise in claims is forcing some insurers to review their offer. Underwriting requirements are becoming more specific. Renewals are not instantaneous and policyholders must follow good prevention practices.
In addition to the strong growth in premiums, there are some changes in coverage related to the under-limitation of certain guarantees (e.g. ransoms), the exclusion of certain risks (e.g. Log4j), and additional restrictions for policyholders who do not follow good prevention practices (e.g. proactive management of known vulnerabilities)…
What is covered by cybersecurity insurance
As mentioned above, a cyberattack can take several forms and could impact several areas of your business. The impact can be very heavy both financially and for the reputation of your business.
Throughout this article, we discuss various aspects of cyber insurance such as insurance coverage or the criteria and prerequisites for being covered. Please note that this information may differ from one insurer to another.
Cybersecurity insurance can cover emergency costs to respond to an incident, and will take care of the payment of ransoms. The insurance can also cover the costs of remediation of the impacts caused to your technological environment and cover the costs of interruption of your business.
Finally, the insurance can cover the costs of civil liability and regulatory penalties related to damage from a cyberattack.
What are the prerequisites for accessing cyber insurance
As the risk is increasingly high, insurers require certain prerequisites in order to be able to access cyber insurance. Your organization will need to implement certain measures such as: An MFA system, an “Endpoint detection & response” tool (such as Microsoft Defender) instead of traditional antivirus, endpoint risk management strategy, privileged access management, limitation to the use of mobile devices, software updating and patch management policy, backup management (non-local, offline of the entire network, tests), setting up a crisis management plan to prepare for when the attack will occur rather than treating it as a possibility.
Even though cyber insurance is sometimes priced a bit high, it is a fundamental security that can save your business. We see that more and more computer attacks are emerging and that insurers have had to adopt their offer and their coverage in order to reduce your chances of being attacked, and therefore their share of risk. Thus, your company will have to adopt several prerequisites in order to meet the requirements of the insurer to be able to benefit from insurance.
If you want to learn about cybersecurity, call on our experts to discuss your needs and concerns. You would like to deepen your knowledge independently, do not miss the cybersecurity training in e-learning on our YAZI platform.