Surge in Cyber Insurance Adoption Driven by Increased Cyber Attack Risks and Contractual Requirements

The 2023 Cyber Insurance Outlook Report, a collaborative effort between Arctic Wolf and Cyber Risk Alliance, reveals a significant uptick in cyber insurance adoption, with more than 70% of surveyed organizations currently covered, and nearly half of these policies initiated within the last year. This surge is largely attributed to a growing awareness among businesses that cyber attacks are not a matter of if but when, coupled with increasing requirements for cyber insurance in third-party vendor contracts.

Kevin Kiser, senior director of insurance sales at Arctic Wolf, emphasizes the shift in mindset towards cybersecurity at the board and C-levels, where it has become a standing topic of discussion. The urgency for cyber insurance is further propelled by contractual obligations, making it a prerequisite for securing partnerships and integrating into business ecosystems.

However, securing cyber insurance coverage is becoming more challenging as insurers intensify their due diligence, raising premiums, and setting higher standards for cybersecurity controls. According to the report, which surveyed over 500 IT security professionals, 77% of respondents witnessed an increase in their annual premiums. This trend is a direct consequence of the rising number of claims, prompting insurers to meticulously assess applicants’ cybersecurity measures.

Kiser advises companies to strengthen their cybersecurity foundations, highlighting the importance of multi-factor authentication (MFA), effective backup strategies, external vulnerability scanning, and incident response planning. Collaboration between insureds and insurance brokers is key, especially as underwriters grow more selective. Kiser advocates for a united approach where IT stakeholders, CFOs, risk managers, and brokers engage in comprehensive discussions to mitigate risks, thereby crafting a compelling narrative for underwriters.

As the landscape of cyber threats evolves, the dialogue between organizations and their insurers becomes increasingly vital, underscoring the necessity for robust cybersecurity practices and transparent communication to navigate the complexities of cyber insurance coverage in 2024 and beyond.