The Evolving State of Cyber Insurance May Indicate More Scrutiny for IT and Security Teams

Evolving State of Cyber InsuranceThe need to balance offering coverage for cyber incidents with maintaining a profit has cyber insurers rethinking how they will approach measuring insured risk and exposure.

In a recent SecurityWeek article on the topic, Vishaal Hariprasad, CEO at cyber insurer Resilience described how cyber insurers have changed their tactics to minimize their exposure when taking on policies: “In 2016, you could buy a million-dollar cyber insurance policy and they would ask you, do you have your IT person, and did you guys buy a firewall? They never asked is the firewall turned on, because the insurance industry didn’t care back then.”

Hariprasad went on to describe the very different and better informed position insurers take today. “Insurers need to know, is your firewall turned on? Is it consistently patched? Are you continuously bringing in the right data feeds? And are you monitoring them?” What is needed is a new cooperative relationship between the insurer and the insured.”

In essence, organizations should begin to expect a new relationship dynamic between cyberinsurer and their policyholder’s IT departments – where insurers may need to gain a detailed understanding of just how secure the organization’s environment really is before issuing a policy.

In reality, this isn’t too far off the mark for homeowner’s insurance; your home is inspected down to the number of nails in roof rafters for the insurer to understand what exactly their risk is. In cybersecurity terms, it’s reasonable to expect cyber insurers to want to look through your security stance with a fine-toothed comb looking at every possible point of exposure to better inform themselves of just how much risk you pose before issuing a policy.

In the end, it’s going to result in improved security stances, and less claims for insurers. Everybody wins. 

The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

ModStore01-1The ModStore Preview includes:

  • Interactive training modules
  • Videos
  • Trivia Games
  • Posters and Artwork
  • Newsletters and more!

Start Your Preview

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Cybersecurity

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews