[ad_1]
Delinea reported Thursday that nearly 80% of the businesses surveyed had to have cyber insurance, and more than half had taken it more than once.
As a result, insurers have refrained from covering the most needed and now say they cover critical incidents such as ransomware, ransom negotiations and ransom payment decisions with cyber insurance. Only about 30% of respondents responded.
While 40% cited mitigation of risk by applying for cyber insurance, 33% claimed it was also due to requirements from top management, and another 25% cited ransomware incidents as a primary factor.
Delinea researchers say that given pressure from management and corporate boards, 93% of respondents would have received the budget they needed to purchase cyber insurance, while 75% It states that the premium increased during the last renewal period.
Tony Goulding, senior director and cybersecurity evangelist at Delinea, said: “The fact that companies are using the policy multiple times is alarming and shows that organizations are not prioritizing their actual cybersecurity strategies and solutions accurately. It also shows that we may not be doing enough when it comes to requiring security best practices to be proactively implemented and enforced.”
Avishai Avivi, Chief Information Security Officer at SafeBreach, believes: My car could be stolen, does it make sense to offer coverage?
“More and more cyber insurers are requiring their customers to implement certain security controls,” said Avivi. “The challenge is that we don’t always ensure that our customers are using these controls appropriately.”
Avivi added that cyber insurance providers need to start moving beyond simple checklists for security controls. Avivi also said customers should simulate adversaries so that their attacks do not become breaches when attacked.
“We are already beginning to see government regulations and guidance involving adversary simulations as part of a proactive response to threats,” said Avivi. “As this trend continues, we expect cyber insurers to require or encourage companies seeking coverage to implement security verification and adversary simulations as part of their ongoing security programs. , especially for customers in regulated industries or those dealing with highly risky digital assets such as personal data records.”
[ad_2]
Source link