Headlines

Unveiling the Cyber Insurance Gap: Delinea Research Exposes Vulnerabilities

Unveiling the Cyber Insurance Gap: Delinea Research Exposes Vulnerabilitiescyberinsurance,insurancegap,DelineaResearch,vulnerabilities

The Growing Gap in Cyber Insurance Coverage

Introduction

The demand for cyber insurance has reached unprecedented levels as organizations increasingly recognize the need to protect themselves from the ever-evolving threat landscape. However, a recent report by Delinea reveals a significant gap emerging between insurance carriers and organizations seeking comprehensive and affordable coverage. The study, based on a survey of over 300 organizations in the US, highlights several key trends and challenges in the cyber insurance market.

Lengthy Application Process

One of the primary concerns raised in the report is the mounting time and effort required to obtain cyber insurance. The survey found that the number of companies requiring six months or more to secure coverage has skyrocketed year over year. In the previous year’s report, only one organization reported a timeframe of over six months, while over 20 respondents indicated such delays in this year’s survey.

Exclusionary Factors

Despite the prolonged application process, organizations are still facing uncertainties when it comes to the coverage they obtain. The survey identified several exclusions listed in many cyber insurance policies that could render the coverage void. These exclusions include the lack of adequate security protocols (43%), human error (38%), acts of war (33%), and non-compliance with proper procedures (33%). Consequently, even if organizations manage to secure cyber insurance, their claims may be denied or reduced due to the fine print.

The Maturation of Cyber Insurers

Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, suggests that cyber insurers are now maturing and learning from their data. Initially, they were primarily focused on addressing the high demand for cyber insurance, but they are now taking steps to reduce their exposure to avoidable and uncontrollable circumstances. This change necessitates a closer examination of insurance policies and an understanding of how they may have changed over time.

The Cyber Insurance Gap

The survey findings indicate that most organizations are not approaching cyber insurance with the necessary diligence. They are primarily focused on obtaining coverage without thoroughly assessing whether the policies they secured in the past still meet their current needs. This oversight could leave organizations in a vulnerable position when faced with a cybersecurity incident, potentially putting their financial safety net at risk. Bridging the “cyber insurance gap” requires organizations to adopt a proactive approach, regularly reviewing their policies, and ensuring alignment with their evolving requirements.

Investment in Cybersecurity Solutions

Despite the challenges in obtaining comprehensive cyber insurance coverage, organizations continue to prioritize cybersecurity solutions to protect themselves and meet the increasing requirements set by insurance providers. The survey indicates that 96% of organizations purchased at least one security solution before their cyber insurance applications were approved. Furthermore, 81% of respondents received the necessary budget to acquire their desired cyber insurance policies, with 36% considering it a requirement from their Boards of Directors and executive management teams.

Access Control Solutions as Requirements

The majority of cyberattacks involve stolen credentials, prompting insurance providers to mandate related security controls. The survey reveals that approximately half of the respondents reported the requirement of Identity and Access Management (IAM) controls (51%) and Privileged Access Management (PAM) controls (49%) in their cyber insurance policies. Organizations responded to these requirements by investing in IAM solutions (50%), password vaults (45%), and PAM controls (44%) to ensure their coverage.

Essential Security Controls

Joseph Carson emphasizes the importance of implementing access control solutions, such as IAM and PAM, before seeking or renewing cyber insurance coverage. These security controls are essential components of a comprehensive cybersecurity strategy and should be accompanied by other foundational measures such as anti-malware software, data encryption, firewalls, intrusion detection systems, patch management, and vulnerability management.

Editorial Perspective: A Call for Collaboration and Education

The findings of Delinea’s report shed light on the challenges organizations face in obtaining comprehensive and affordable cyber insurance coverage. It is crucial for insurance carriers, organizations, and cybersecurity experts to collaborate closely to bridge the existing gap and ensure that organizations are adequately protected against cyber risks.

Insurance carriers should continue to evolve their policies based on the evolving threat landscape, using data and insights to refine their coverage offerings. Clear communication of policy changes, enhanced transparency, and continuous engagement with insured organizations can help create a more informed and resilient cyber insurance market.

Organizations, on the other hand, must approach cyber insurance with the same diligence they apply to their cybersecurity strategies. Regular policy reviews, understanding coverage exclusions, and seeking expert advice on the adequacy of the coverage for their specific needs are essential steps to ensure their financial safety net remains intact when facing a cyber incident.

Finally, cybersecurity experts play a crucial role in educating organizations about the importance of implementing robust security controls and foundational measures. By providing guidance on access control solutions, enhancing awareness about the evolving threat landscape, and offering best practices for risk mitigation, experts can empower organizations to proactively protect themselves and demonstrate readiness for cyber insurance coverage.

Conclusion

The State of Cyber Insurance report from Delinea highlights the growing gap between insurance carriers and organizations seeking comprehensive and affordable coverage. The lengthy application process, coupled with an increasing list of exclusions, has made securing adequate cyber insurance a more challenging task. However, with collaboration between insurance carriers, organizations, and cybersecurity experts, this gap can be bridged.

Organizations must approach cyber insurance with diligence, conducting regular policy reviews, understanding coverage exclusions, and investing in robust security controls. Insurance carriers should continuously refine their policies based on evolving threats and communicate policy changes effectively. By working together, these stakeholders can create a more resilient cyber insurance market that supports organizations in mitigating the financial risks associated with cyber incidents.

Insurance-cyberinsurance,insurancegap,DelineaResearch,vulnerabilities


Unveiling the Cyber Insurance Gap: Delinea Research Exposes Vulnerabilities
<< photo by Kelli McClintock >>
The image is for illustrative purposes only and does not depict the actual situation.

You might want to read !