Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    The Good, the Bad, and the Necessary State of Cyber Insurance

    Misconceptions about CybersecurityNew data from security vendor Sophos shows that while the presence of cyber insurance coverage has increased, it’s the experiencing of attacks that’s driving the need.

    When the concept of cyber insurance was first introduced, it seemed like a shakedown and just another way for insurers to take the organization’s money. But today, according to Sophos’ just released Cyber Insurance 2022: Reality from the Infosec Frontline report, cyber insurance policies are now held by 94% of organizations.

    So, what’s driving this adoption of cyber insurance?

    Much of the adoption lies in organizations experiencing an attack and realizing they need insurance to potentially cover what their own cybersecurity stance doesn’t. According to the report:

    • 57% of respondents experienced an increase in the volume of cyberattacks on their organization
    • 59% saw the complexity of these attacks increase
    • 53% said the impact of these attacks had also increased
    • 89% of those hit by ransomware have cyber insurance against ransomware

    It also appears to be the prevalence of attacks and the massive impact they have on their victims, as 70% of organizations not hit by ransomware still have cyber insurance against it.

    And it’s getting more difficult to obtain cyber insurance, as insurers evolve their understanding of what is a secure insured and what is not. According to the report:

    • 94% of those with cyber insurance said the process for securing coverage had
    • changed over the last year.
    • 54% say the level of cybersecurity they need to qualify is now higher
    • 47% say policies are now more complex
    • 40% say fewer companies offer cyber insurance
    • 37% say the process takes longer

    And even if you get a policy, there’s no guarantee the attack scenario you encounter is covered, as many organizations have needed to go to court over being paid out based on their policy.

    So the best plan is to have as secure an environment as is possible – which includes securing your users with continual Security Awareness Training to minimize the threat of email- and web-based social engineering attacks designed to give attackers entrance into the organization’s network.

     

    Return To KnowBe4 Security Blog

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

    Request a Demo!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/kmsat-security-awareness-training-demo

    Topics: Cybersecurity

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews