
What We Mean When We Talk About Cyber Insurance

Cyber insurance is more than a policy for paying off ransomware gangs. It's designed to be something you transfer risk to when security controls fail.

Tiago Henriques, Vice President of Research, Coalition

June 16, 2022


Digital risks are a pervasive aspect of operating in today's digital economy, threatening organizations large and small no matter how hardened their security defenses. Unfortunately, preventing cyber incidents is impossible; instead, solving cyber-risk is a combination of proactive measures and risk transference.

As cyberattacks become more frequent and sophisticated, many organizations are adding cyber insurance to their security portfolios. But not everyone understands just what the "cyber" in "cyber insurance" entails.

Cyber insurance was created to protect organizations and individuals against digital risks like ransomware, malware, and phishing campaigns. Whereas traditional insurance policies often only accept the transference of known physical risks (such as damage to equipment, stock, or locations), cyber insurance enables businesses to transfer the costs associated with recovery from the tangible and intangible losses related to a cyber-related security breach or similar event.

Although still somewhat in its infancy, with less than 1% market penetration, cyber insurance is expected to grow into a $20 billion industry by 2025.

Anyone new to cyber insurance might mistake it for a policy that pays off attackers to retrieve or unlock data. But it's much more than that.

What Is Cyber Insurance?

Cyber insurance is something you transfer risk to when your online security controls fail. Cyber insurance can cover multiple liabilities, such as loss of funds and income, expenses related to business interruptions, payments to experts to recover data, and even compensation for bodily injuries, depending on the resulting damage and prescribed policy.

Cyber insurance rates and coverage will be based on the maturity and thoroughness of your cyber defenses, among other factors. Typically, a provider will assess your vulnerabilities as part of the quoting process. This exercise can include, for example, a complete security report of all external assets and detection of potential security issues.

The average cyber-insurance policy for a small to midsize enterprise in 2021 was $1,589 for $1 million in cyber liability coverage. Prices are also based on factors like coverage or limits to what the provider will pay, as well as retentions that are similar to the deductible you pay for your car and home insurance. Other factors are considered, like your industry and the results of security scans.

What Is the Role of Cyber Insurance Providers?

Beyond the policy itself, providers can offer scanning and monitoring services that alert you to potential vulnerabilities. For example, a package might include full attack surface discovery and continuous monitoring for your organization and five of your vendors.

They can monitor the Dark Web for keywords to determine whether your company's name is mentioned. They can provide domain monitoring to spot an attacker preparing a social engineering attack by adding an SSL certificate or an MX entry to a lookalike of your domain. Or they might offer torrent monitoring to see whether your assets are downloading torrents.
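As an added illustration (not code from the article or from Coalition), this is the kind of check a domain-monitoring service runs: generate lookalike variants of your own domain, match them against a feed of newly observed domains, and escalate when a certificate and an MX record are both present. The defended domain, the homoglyph table and the feed are all constructed sample values.

```python
# Constructed example: the domain we defend and the lookalike tricks we expect.
DEFENDED_DOMAIN = "examplebank.com"
HOMOGLYPHS = {"l": "1", "i": "l", "o": "0", "e": "3", "a": "4", "m": "rn"}
ALT_TLDS = ("net", "org", "co", "info")

def lookalike_candidates(domain: str) -> set:
    """Generate common lookalike variants of a registrable domain name."""
    label, tld = domain.rsplit(".", 1)
    variants = set()
    for i, ch in enumerate(label):
        variants.add(label[:i] + label[i + 1:])        # character omission
        variants.add(label[:i] + ch + label[i:])       # doubled character
        if ch in HOMOGLYPHS:                           # visual look-alike swap
            variants.add(label[:i] + HOMOGLYPHS[ch] + label[i + 1:])
        if i:                                          # hyphen insertion
            variants.add(label[:i] + "-" + label[i:])
    variants.discard(label)
    names = {f"{v}.{tld}" for v in variants}
    names.update(f"{label}.{t}" for t in ALT_TLDS if t != tld)
    return names

def scan_feed(domain: str, feed: list) -> list:
    """Flag newly observed domains that match a lookalike, ranked by readiness."""
    candidates = lookalike_candidates(domain)
    alerts = []
    for rec in feed:
        name = rec["domain"].lower().rstrip(".")
        if name not in candidates:
            continue
        # A certificate plus an MX record means the domain can serve a
        # convincing login page and send or receive mail as if it were you.
        signals = [k for k in ("has_cert", "has_mx") if rec.get(k)]
        severity = {2: "high", 1: "medium"}.get(len(signals), "low")
        alerts.append({"domain": name, "severity": severity, "signals": signals})
    return alerts

# Constructed sample feed, as a CT-log or new-registration monitor might emit it.
SAMPLE_FEED = [
    {"domain": "examplebank.com", "has_cert": True, "has_mx": True},
    {"domain": "exarnplebank.com", "has_cert": True, "has_mx": True},
    {"domain": "examp1ebank.com", "has_cert": True, "has_mx": False},
    {"domain": "example-bank.com", "has_cert": False, "has_mx": False},
    {"domain": "unrelated.net", "has_cert": True, "has_mx": True},
]

if __name__ == "__main__":
    for alert in scan_feed(DEFENDED_DOMAIN, SAMPLE_FEED):
        print(alert)
```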

By bridging the gap between physical and digital risks, cyber insurance allows companies to get back online and resume normal business operations faster after an incident, minimizing the cost to their recovery.

What Is a Cyber Claim?

Unlike claims for nontechnical events like fires and floods, whether a cyber-insurance claim is paid may depend on the means of attack and on the effort you made to prevent it. Because cyber insurance is still somewhat new and undefined, the events and damages that trigger a claim can be vague and inconsistent from one policy to the next. Depending on the situation, the provider may deny coverage.

The most common forms of claims are based on data privacy liability, cyber extortion, network business interruptions, and recovery and restoration of data assets. But the majority of claims are related to breaches.

Does My Business Qualify for Cyber Insurance?

Some businesses may not see themselves as a target for threat actors, but that doesn't mean they are not vulnerable to cyberattacks or that they are uninsurable. When working with a cyber-insurance provider, companies go through an underwriting process that considers various aspects of their businesses (including risk posture, industry, and financial indicators) to determine coverage eligibility. Organizations that assemble their defense technologies piecemeal or maintain lax security habits could be considered a higher risk and be charged higher premiums for lower levels of coverage, the same way people who live in houses on flood plains pay higher premiums.

A good cyber-insurance provider can offer recommendations and services that help prevent cyberattacks, or that help you avoid paying ransomware operators to get your data back. For example, they might tell you to turn off the Remote Desktop Protocol (RDP), which we know is a primary vector for ransomware. They might also provide guidance on which technologies are known to carry increased digital risk, and help organizations adopt security best practices such as patch management and strong password guidelines.

Ultimately, staying on top of your digital risk means finding the right risk management partner to guide you. Cyber-insurance providers offer that extra level of expertise and coverage: they help reduce risk, and they provide financial support when things go wrong. In today's age of ransomware, this protection is more imperative than ever.

About the Author(s)

Tiago Henriques

Vice President of Research, Coalition

Tiago Henriques has had a rich career across the cybersecurity industry as an entrepreneur, CEO, pen tester, security analyst and auditor. In 2015 he founded BinaryEdge, a cybersecurity company specializing in enterprise infrastructure scanning and attack surface management. Since Coalition's acquisition of BinaryEdge in 2020, Tiago led customer security efforts across the organization as Director of Engineering for Security, recently becoming Vice President of Research.
