Cyber resilience before cyber insurance

Resilience is the measure of how readily an organisation can carry on in the face of disruption or a changing environment. And nothing tested the operational resilience of organisations more than the recent Covid-19 pandemic.

The proportion of businesses buying cyber insurance reportedly doubled in 2020. Unfortunately, the very same factors that led to this rush to buy have also changed the dynamics of the cyber insurance market. More cyber criminals are being drawn into the space by increasingly lucrative earnings, and this has led to a rise in the frequency of claims. At the same time, these claims are also more expensive to handle as the combined impact of privacy breaches and business interruption is felt. All of this has led to a so-called “hardening” of the market, which is being felt in a number of ways.

Firstly, premiums are rapidly increasing in order to fund these more frequent and severe claims. Secondly, insurers are less willing to provide large limits in an effort to protect themselves from the highest losses. Finally, more restrictive cover is being offered, most notably through the occasional imposition of sub-limits and co-insurance (whereby the Insured will have to retain a portion of their own risk).

There are of course plenty of things that an Insured can do in order to mitigate the impact of this shifting market, most importantly taking the time to fully explain their exposures and controls to underwriters. Some key controls that insurers are looking out for include:

  • Multi-factor authentication for remote and privileged access
  • Segmentation of their systems to protect crown jewels and prevent lateral movement
  • Endpoint protection solutions
  • Monitoring and response capabilities (either in-house or outsourced)
  • Offline (or isolated within a cloud) backups
  • Rapid patching, especially for highly critical vulnerabilities

Zurich Resilience Solutions explore this in more depth in their report.