In a previous post, “Ransomware Insurance Demand Spikes, Coverage Drops, Hackers Thrive”, we delved into the burgeoning challenges in the cyber insurance landscape. The article emphasized how the surge in ransomware attacks had not only spiked insurance demand but also led to a financial crunch for insurers, with direct loss ratios soaring to 73% in 2020. As a result, insurers began recalibrating their risk profiles, hiking premiums, and narrowing coverage scopes. With insurers essentially forcing businesses to adopt robust cybersecurity measures as a prerequisite for coverage, the cyber insurance landscape experienced a fundamental shift in roles and expectations concerning cyber risk.
The effort to shift the responsibility for cyber risk back onto businesses proved effective: the direct incurred loss and defense and cost containment (DCC) expense ratio improved to 43% in 2022 from 68% in 2021. Despite that progress, the cyber insurance industry is continuing to tighten the reins as the frequency and severity of cyber insurance claims in the US continue to rise. Based on the data from Coalition’s 2023 Cyber Claims Report: Mid-year Update, the first half of 2023 saw a 12% rise in the overall frequency of claims and a 42% surge in claim severity, with the average loss exceeding $115,000.
Given the uncertainty in the claims environment due to rapid technological changes and the potential for new types of cyber incidents, insurers are not only hiking rates but also broadening exclusion criteria that could void coverage for incidents resulting from a lack of security protocols, human error, acts of war, or a failure to follow proper compliance procedures.
In a move that further complicates the cyber insurance landscape, many insurers are now mandating that their clients use one of their preferred security vendors. According to recent Forrester research, 70% of enterprises with cyber coverage are required to select from their insurer’s panel of preferred providers. Some insurers go one step further and now require clients to install the insurer’s own security appliances within the client’s IT environment.
As insurers continue to put the burden of risk onto businesses, the emphasis is turning towards adopting a more proactive cybersecurity strategy that prevents attacks from occurring in the first place. This pivot underscores the critical need for companies to scrutinize their cybersecurity investments, not just as a compliance requirement for insurance but also as a fundamental business practice.
The Role of Curated Threat Intelligence in Proactive Cybersecurity
As proactive cybersecurity measures become not just advisable but mandatory for insurance coverage, the role of threat intelligence feeds has never been more critical. These feeds empower security teams to effectively detect, prevent, and respond to cyber threats. However, their effectiveness is intrinsically tied to the quality of intelligence they deliver. Poor-quality or outdated intelligence not only fails to offer adequate protection but also triggers false positives. These false alarms waste valuable time and resources, causing alert fatigue and further exacerbating the challenges of an already complex cybersecurity environment.
The Complex Task of Evaluating Threat Intelligence Providers
Evaluating threat intelligence feeds is a challenging task. Security professionals face a saturated market of vendors, a high demand for external threat intelligence, and a shortage of skilled staff. Moreover, there are no universal standards for assessing the quality of threat feeds, leaving many organizations unsure of where to begin.
To help guide you through this complex task, zvelo has published a blog series focusing on the most effective ways to evaluate threat feeds. Investing in curated threat intelligence is not just a tactical move but a strategic decision that impacts your overall security posture and, consequently, your attractiveness to cyber insurers.
The landscape of cyber insurance is evolving rapidly, putting the onus on businesses to adapt and be proactive in their cybersecurity measures. Curated threat intelligence feeds are a critical component of this proactive strategy. By taking actionable steps to comply with new insurance requirements and investing in high-quality threat intelligence, businesses can not only secure better insurance terms but also significantly improve their cybersecurity posture.
Ready to take the next step in fortifying your cybersecurity strategy? Check out zvelo’s blog series on evaluating threat intelligence feeds to get started.