New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.
Because insurance underwriters analyse lots of risk data to make decisions about insurance premiums and policies, it makes sense to garner their perspective on what 2024’s outlook will be.
According to insurer Woodruff Sawyer’s Cyber Looking Ahead Guide 2024, there’s some good news and some bad news. Let’s start with the bad news to keep things in context:
- 100% of underwriters believe cyber risk will increase, with over half of them believing it will increase “greatly” this year
- 63% believe ransomware will be the number one threat
- 50% believe that organizations aren’t as aware as they should be about cyber risk
If we believe the underwriters, this year is going to be chock full of attacks, most will be ransomware, and a material portion of organizations aren’t as prepared as they should be.
Now the good news (sort of):
- None of the underwriters believe cyber insurance premiums will increase “greatly," but 81% believe there will be a “slight” increase
- Only 13% believe that cyber coverages will decrease this year
So, in the end, organizations will have the same levels of coverage and won’t be paying significantly more.
However, the crucial query here is how to prevent the necessity of relying on an insurance policy from the start. I have reported numerous instances where enterprises became a victim of an attack, made a claim but were rejected. According to insurance experts, the risk management method that organizations should concentrate most on is the enhancement of their processes and procedures.
While I know this includes changes we’ve talked about here, such as confirming banking account changes via a second medium (e.g., phone call), but I’m going to stretch this mitigation strategy to include the need for security awareness training.
This change alone would have a significant impact on the level of risk within organizations. Remember, underwriters are predicting that there’s going to be a ton more cyber attacks, preventative actions are going to be far more impactful than just relying on your cyber insurance policy.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
