end-point
ANALYSIS
CYBERINSURANCE : WHAT BUSINESSES NEED TO KNOW
Greg Day , Cybereason VP and Global CISO , outlines what businesses need to understand about cyberinsurance , from evaluating coverage to assessing the costs involved .
Cyberinsurance has become a crucial safety net for businesses , particularly in the face of escalating ransomware attacks . This financial safeguard promises protection against the often devastating consequences of cyberattacks . However , as ransomware incidents have surged , so too have the premiums for cyberinsurance .
Fortunately , recent trends suggest that the cost of cyberinsurance may be stabilising . This stabilisation could signal that businesses are maturing in their approach to cybersecurity and that more effective cybersecurity programs are taking hold .
More than just a safety net
For many businesses , cyberinsurance is more than just a financial safety net – it ’ s an essential component of their broader cybersecurity strategy . Research indicates that companies with cyberinsurance are generally better equipped to handle data breaches and cyberattacks compared to those without coverage .
One significant advantage is the support that insurers provide . Insurers often work closely with their clients to prepare them for potential incidents , offering guidance on best practices and response strategies .
The market for cyberinsurance is changing rapidly , and both insurers and businesses must stay abreast of these changes to ensure adequate protection . One key challenge is evaluating cyberinsurance coverage against emerging threats .
Our recent research , based on a survey of over 1,000 companies across EMEA and the USA , reveals that while nearly all respondents had cyberinsurance , only 40 % were confident that a ransomware attack would be covered .
Furthermore , among those who had made claims for ransomware attacks , only half felt they had recovered the full costs . This discrepancy underscores the need for businesses to fully understand their policy details and coverage limits .
Evaluating cyberinsurance coverage
When evaluating cyberinsurance coverage , it ’ s essential for businesses to have a clear understanding of what their policy covers and excludes . Typically , cyberinsurance can cover firstparty and third-party losses , including the costs of responding to an attack .
However , policies generally do not cover legal or regulatory losses . Businesses must consider what level of coverage is necessary based on their
76 WWW . INTELLIGENTCISO . COM