Tighter Policies Mixed with Higher Costs Are Creating a Cyber Insurance Gap

Stu Sjouwerman | Sep 20, 2023

New data on the state of cyber insurance shows that it’s becoming more difficult to get a policy, and organizations that do obtain one report circumstances that can lead to claims being denied.

It seems that every organization is either obtaining or seeking cyber insurance as another required part of its cybersecurity strategy. As insurers continue to learn from the claims stemming from their issued policies, some new trends are emerging. According to cybersecurity vendor Delinea’s 2023 State of Cyber Insurance report, cyber insurance is creating a gap that may make the case for tighter security controls being the better answer.

Let’s start with obtaining a policy. It’s not as simple as getting, say, car insurance:

  • 28% of organizations with fewer than 250 employees who applied were denied coverage
  • 63% of larger organizations had to use insurance-provided solutions/appliances
  • 67% of organizations say it took 4 months or longer to obtain a policy
  • 69% of organizations have experienced an increase in cyber insurance premiums of 50% to above 100%

And once organizations have a policy, it isn’t as easy as placing a claim and being covered. According to the report, 79% of organizations have needed to place a claim with their cyber insurer, and yet the following were some of the reasons claims were denied:

  • Lack of security protocols in place (experienced by 43% of organizations)
  • Human error (38%)
  • Not following compliance procedures (33%)
  • Not reporting to the insurer first (31%)

The gap is created by costs (both premiums and additional required solutions) going up alongside the increased denial of claims. In essence, it feels like we’re paying more for a service we’re not going to be able to take advantage of. What’s also interesting is the increasing requirement for additional security solutions – and yet, it’s people-related mistakes (as denoted by three of the four bullet points) that are the reasons for denials.

It’s the human element that we can speak to. By educating users through new-school security awareness training, which is designed to increase their vigilance when interacting with malicious content in email and on the web, organizations can reduce the risk of a successful attack in the first place, in turn negating the need to place an insurance claim at all.
