European companies think that cyber insurance is complex

cyber insurance

A report by Arctic Wolf shows that companies have a lot of trouble determining the right coverage for cyber insurance. That makes business leaders doubt its usefulness.

In its most recent report, Arctic Wolf takes a closer look at cyber insurance. The survey amounted to a generous 250 IT or business executives from companies that have taken out such a policy. Nearly half of the companies surveyed find it difficult to determine what risks to cover and how much coverage is needed.

The lack of clarity makes business leaders question the usefulness of cyber insurance. 41 percent of those surveyed experience difficulty convincing their boards of its usefulness, often because other priorities take precedence.

Stringent requirements

Companies struggle with the sometimes high demands imposed by insurers. Taking out insurance does not absolve you from adopting good security practices. Multi-factor authentication (51%) and managed detection and response (49%) are often required.

Other security measures are also necessary: 60 percent of respondents first had to mitigate security risks, for example, by implementing an incident response plan. In addition, 55 percent had to hire additional IT or cybersecurity personnel and 53 percent invested in security awareness training in order to obtain insurance. On that front, you could say that cyber insurance has a positive effect on security policies.

Cyber incidents affect premiums

It doesn’t stop from the moment you have insurance in place. Companies that have insurance in place continue to invest in security just as much. Cloud security monitoring (45%), incident response capabilities (44%) and network security (43%) are popular investments. These additional measures also help lower premiums. For example, 63 percent of companies were able to reduce their premiums by at least 10 percent thanks to investments.

read also

European companies think that cyber insurance is complex

This is necessary, because cyber insurance policies penalize you for incidents. 2 percent saw premiums rise after an incident, while 36 percent faced stricter controls from the insurer and 34 percent received more limited coverage or additional requirements.

The poll shows that insurers do do what customers pay for: 37 percent received assistance from an investigation and response team, which in some cases led to (partial) restoration of affected data. In addition, 30 percent have received legal assistance in litigation or compliance investigations.

According to Arctic Wolf, the demand for cyber insurance continues to grow, especially in Europe. But think of cyber insurance as a Band-Aid. It can reduce the cost of a cyber attack or speed up recovery. But the best remedy against cyber attacks remains prevention: even with insurance, organizations need to invest in their own security.