Cybersecurity Ventures predicts payouts from cybercrime victims will reach $10.5 trillion by 2025. Cybercrime has become the world’s most profitable non-government enterprise—larger than the illegal drug trade and larger than all but three of the world’s national economies. In this environment, companies large and small are turning to cyber insurance for protection.
For insurers, though, it’s challenging to gauge each client’s level of risk. Understanding the risk from cyberattacks requires highly accurate assessments of each client’s security defenses, assessments that are increasingly difficult to obtain as cyber-defense technologies evolve and attacks become more complex.
Elements of Attack Prevention
The keys to good protection are visibility, threat detection, and rapid responses to attacks.
Visibility must include all IT and operational technology (OT) infrastructure, including the network, servers, endpoint devices, applications, cloud instances, and user behavior.
Threat detection mechanisms must be able to identify anomalous conditions and also to correlate multiple threat signals to reveal multi-vector attacks. (Most large cyberattacks use a combination of tactics – tactics that may individually seem innocuous.)
Rapid responses are essential because the more time hackers have inside the infrastructure, the more damage they can do. Many large thefts of personal financial information from businesses like AT&T or Target weren’t discovered for months. Many cybersecurity tools now use AI to improve response time.
Insurers should strongly encourage clients to implement these mechanisms.
Gauging the Risk
For insurers, it’s essential to stay abreast of the evolving cybersecurity landscape (attack types as well as how they’re being defeated), and to have accurate sources of data that reveal each client’s readiness for cyberattacks.
Larger companies that staff their own security operations (SecOps) facilities can provide readiness metrics that show how and where attacks are occurring and how they’re being stopped. These reports are typically prepared for upper management by the IT managers or directors, but there’s no reason insurers shouldn’t have access to them, as well.
Small and mid-sized companies without the resources to staff a SecOps center may outsource the function to managed security service providers (MSSPs), and these services can also provide client readiness reports to insurers. Ideally, SecOps centers and MSSPs can be a bridge between insurers and prospective clients.
Insurers working with small or mid-sized companies can use MSSPs to open a new channel through which to reach potential customers, access expert regulatory compliance support, and create individually tailored coverage that meets their needs as well as their clients’ needs.
For potential clients, readiness reports and referrals to participating cyber insurance groups streamline the process of obtaining insurance.
By partnering with cybersecurity providers, insurers gain expert advice about whether potential clients are protected, along with direct access to a new funnel of prospective clients from providers those clients already trust.