Chris Rogers , Senior Technology Evangelist at Zerto , a Hewlett Packard Enterprise Company , asks if the cost and complexity associated with getting cyberinsurance outweighs its potential benefits .

In addition to a sharp rise in the cost of insurance premiums and the increasing requirements associated with qualifying for cover in the first place , the list of exemptions for payouts is getting longer and longer . As a result , firms must carefully consider exactly what their cyberinsurance product covers , because the list of policy exclusions are extensive .

Many insurers have now hardened their position on specific social engineering methods and internal threat actor attacks . Meanwhile , getting cover for supply chain or hostile state-sponsored attacks is becoming increasingly difficult .

This leaves firms between a rock and a hard place . Not having cyberinsurance isn ’ t an option if it ’ s a mandated board level requirement . Meanwhile , the potential cost and risk exposure associated with cyberattacks means businesses can ’ t afford not to have an insurance safety net in place .

Given all these difficulties , how can organisations meet these cyberinsurance challenges head on ?

Cyberinsurance – a rapidly evolving landscape

Since its beginnings in the 1990s , the cyberinsurance industry has experienced rapid and meteoric growth that mirrors the dramatic increase in digital crime . So much so that analysts are predicting that the global cyberinsurance market is set to reach over US $ 90 billion by 2033 . That ’ s a significant jump from the US $ 12 billion market valuation of 2023 .

According to the Association of British Insurers ( ABI ), cyberinsurance cover applies to the losses and liabilities that can arise from a breach , ransomware , damage to digital assets and business interruption , and includes the provision of assistance managing cyberevents when an incident occurs . For organisations that are victims of cybercrime , this form of insurance has proved invaluable for recovering from an attack event and resuming business-as-usual operations .

However , the evolving nature of cybercrime , the increasing frequency of attacks and claims , and the growing scale of payouts has prompted the insurance industry to raise premiums and tighten their underwriting terms and conditions . According to industry figures , the average insurance claim for an SME now stands at US $ 345,000 per incident .

The implications of all this for organisations looking to utilise insurance to minimise their cyber-risk exposure are significant and only set to increase .

Cyberinsurance – navigating the cost and tightening criteria

Organisations are finding it more difficult to get comprehensive insurance coverage at a reasonable

Chris Rogers , Senior Technology Evangelist at Zerto

WWW . INTELLIGENTCISO . COM 63