- Donald E. Hester
Cyber Insurance in 2023: Trends and Insights from Industry Experts [Watch Now]
If you're considering cyber insurance in 2023, it's important to be aware of the latest trends in the industry. Demetrias Rodgers, the CTO of Planet Technologies, recently discussed the key considerations for cyber risk and insurance coverage. You can watch the video here and see my notes below. Also, I have a link at the bottom for a presentation by Fitch Ratings on the 2023 Cyber Insurance Market Update.
One trend that's been observed in the industry is the increasing cost of premiums. Over the past two years, insurance providers have been raising their rates, making cyber insurance more expensive for businesses. This is largely due to the increase in cyber attacks during the COVID-19 pandemic, which has resulted in more claims being filed.
Despite the higher cost, demand for cyber insurance continues to grow. In fact, it's currently the most sought-after type of insurance on the market. This is because the cost of a data breach is also on the rise, making it more important than ever to have adequate coverage.
To qualify for cyber insurance, there are several things that cyber insurance providers are looking for. These include independent validation, implementing multi-factor authentication (MFA), having a third-party scan for vulnerabilities, and demonstrating the resilience of your backup strategy. Cyber insurance providers are also interested in the structure of a business's IT department. They want to know if the organization has a dedicated Chief Information Security Officer (CISO), and whether this role is separate from operations. This is because having a dedicated CISO can improve a business's overall cybersecurity posture.
Does your organization meet your compliance requirements and how you manage third-party risks are also important factors that insurers consider when providing coverage. Annual penetration testing is often required, and businesses must be able to demonstrate their ability to patch vulnerabilities in a timely manner. For example, a policy such as patches should be applied within 30 days for critical issues, 45 days for high-severity issues, and 60 days for moderate-severity issues.
One issue that was raised during the discussion is the lack of auditing for local governments. This is a problem because it makes it difficult for insurers to assess the risk of providing coverage to these entities. To address this issue, a framework needs to be established that local governments can work toward in order to improve their cybersecurity posture.
In conclusion, cyber insurance is becoming more important than ever for businesses. While the cost of premiums may be increasing, the cost of a data breach is also on the rise. By taking the necessary steps to improve your cybersecurity posture and meet the requirements of insurers, you can protect your business from the devastating effects of a cyber attack.
2023 Cyber Insurance Market Update (Fitch Ratings)