BY Richard Summerfield
Cyber insurance should form the backbone of a cyber security strategy, according to a new report from At-Bay.
According to the report, which surveyed security decision makers in the US, Canada and Europe, Middle East, and Africa (EMEA), cyber insurance is now seen as a best practice by many businesses, with 72 percent of respondents considering it ‘critical’ or ‘important’ to their organisation.
Furthermore, 43 percent of respondents noted that cyber insurance requirements are a significant driver of their cyber security spending. This figure rises to 52 percent among the largest organisations.
“We believe an important finding from this report is that there’s a large number of organizations that should consider partnering with a cyber insurance provider to help drive cybersecurity maturity,” said Andrew Braunber, an analyst at Omdia. “There can be upside for enterprises in aligning proactive cybersecurity spending with cyber insurance requirements, with an even more powerful emerging option to partner with an InsurSec provider to optimize risk reduction and technology performance. These relatively new entities combine cybersecurity products and services with insurance offerings to offer a wider scope of prevention and protection.”
There has been significant growth in the number of businesses of all sizes when it comes to prioritising proactive security solutions that help identify and mitigate potential threats. Over the last 12 months, more than 70 percent of respondents increased their spending on proactive security solutions.
Yet, despite the increase in the use of cyber insurance and its burgeoning impact on security decisions, only 13 percent of respondents said they were working ‘proactively’ with their cyber insurance provider to reduce cyber risk. By contrast, 33 percent of respondents said they were taking preventive measures with support from their cyber insurer.
Worryingly, proactive collaboration is even lower in critical infrastructure sectors, where cyber risks could have broader societal impacts. For example, only 4 percent of manufacturing companies, 7 percent of energy, utility and transportation companies, and 8 percent of healthcare companies reported proactive engagement with their cyber insurance providers.
“Cyber insurance has emerged as a critical pillar to building a proactive cybersecurity strategy as it enables companies to complete their risk mitigation,” said Thom Dekens, chief business officer at At-Bay and general manager of At-Bay Security. “Additionally, insurance providers with significant in-house cybersecurity expertise can provide huge business value to their customers, closely partnering with them to make informed decisions about their technology strategies and also improve their risk outcomes throughout the policy year.”
Report: InsurSec Can Drive An Effective Proactive Security Strategy