Cybersecurity Insurance

Leveraging MXDR to Mitigate Risk and Keep Claims Down - Cybersecurity trends keep getting more and more troublesome as the sophistication and frequency of attacks continues to rise. The growing uncertainty has resulted in companies looking to cyber insurance to transfer the risks to insurers. However, there is still a problem with this strategy. Cybersecurity insurance coverage expenses are increasing at rates never seen before as hackers continue to devise new tactics to defeat controls that result in claims at an unsustainable pace. What can companies do to mitigate cyber threat exposure and reduce their premiums?

As more organizations invest in coverage, they also need to invest in other affordable and effective ways to minimize their potential cybersecurity exposure. One effective approach is to leverage Managed eXtended Detection & Response (MXDR) services to address and limit the damage of current and future cyber threats while keeping claims down.

Cybersecurity Insurance

Like any other product in the market, cyber insurance solutions have followed a familiar pattern where carriers enter the market, resulting in increased capacity and expanded coverage terms. At the outset, the cyber insurance market featured an environment that quickly absorbed the impact of any cyberattack claim. Because of this, companies worldwide are turning to cybersecurity insurance to transfer risks and avoid prospects of significant financial and reputational fallout that result from an attack. Today cybersecurity insurance providers are issuing more policies than ever, including the first cyber insurance program exceeding $1 billion in 2020.

Increasing Claims – What is Causing the Rise?

There is a darkening mood among the cyber insurance underwriting community as cyber claims increase in frequency and severity. Recent studies have revealed a sharp uptick in different attacks, such as ransomware and social engineering, especially during the pandemic.

1. Uncertainties During the Pandemic - Although organizations have experienced cyberattacks from viruses, ransomware, denial of service, and other breaches in the past, last year saw an increase in sophistication and frequency as hackers designed coronavirus-themed attacks. Simultaneously, more people migrated to remote work to curb the COVID-19 spread, making cyberattacks easier to pull off.
   
   The United Nations disarmament chief stated that the COVID-19 pandemic is moving the world toward increased technological innovation and online collaboration. Hackers have recently found a favorable environment stoked by the fear and uncertainty around the pandemic and a trend toward companies willing to pay a ransom following a cyberattack. These have combined to lead a startling statistic: a cyberattack occurs every 39 seconds.
2. Frequent Ransomware Attacks - A recent analysis by Chainalysis revealed an increase in ransomware attack payoffs of 311% in 2020. Not only has the frequency of attacks increased, but hackers are shifting focus. They are targeting larger enterprises with higher ransom demands and smaller firms with ransomware-as-a-service tactics.
   
   A record of ransom negotiations seen by Reuters revealed that the US travel services company CWT paid $4.5 million to malicious hackers who stole massive amounts of confidential files and took down 30,000 computers. In a different case, Garmin experienced a worldwide outage in 2020, where WastedLocker Ransomware authors demanded $10 million.
   
   At the same time, ransomware-as-a-service is becoming popular, making it easy for hackers to target smaller organizations and individuals. With such subscription services, affiliates can deploy already developed ransomware software to execute attacks. Cybercriminals pay a percentage of the earnings to the ransomware vendor upon each successful payment.
3. The Rise in Social Engineering Attacks - Social engineering attacks have also driven losses, with the attacks doubling in the past few years. The social engineering tactic is dangerously effective and has been trending upward as hackers discover its efficacy. Data shows that phishing, a subset of social engineering, was responsible for 25 percent of data breaches in 2019.
   
   AIG validated the increased cyber insurance claims trend in its 2019 Claims Intelligence Series. The insurer reported that business email compromise claims accounted for 23 percent of all cyber insurance claims the company settled in different regions.
4. Regulations Effect on Claims Frequency - AIG mentioned about the “GDPR effect” concept on the overall claims’ frequency in their Claims Intelligence Series. According to the insurer, there is a spike in notifications following the implementation of stringent regulations, such as the EU’s General Data Protection Regulation in May 2018.
   
   Data protection laws introduce strict breach notification guidelines, resulting in timely notifications from businesses. The financial penalty risk that new regulations bring compels more executives to turn toward cyber insurance coverage. In effect, GDPR’s potential fines and other exposures raise cyber insurance claims.

Partnering with MXDRs to Mitigate Risks and Keep Claims Down

The recent rise in cyber insurance claims can be blamed on inadequate security measures that companies implement. For instance, employees use poor passwords for online accounts, companies lack multi-factor authentication, and there are no clear strategies for detecting and responding to incidents.

With cyber threats rising daily, both in sophistication and volume, organizations can mitigate risks and keep cyber insurance claims down by enhancing their cyber incident detection capabilites and response mechanisms. To achieve the security goals, it is essential to employ MXDR services that identify, isolate, and contain threats across all systems and hosts.

Get Started with Securus360 MXDR Services

Securus360 delivers a proactive, cloud-native approach to manage a company’s cybersecurity posture by detecting and responding to malicious activities in networks and systems. The team uses the latest artificial intelligence and machine learning-based security tactics to provide cybersecurity monitoring, threat hunting, incident analysis, and attack response.

Apart from deploying advanced and reliable security tools, Securus360 provides access to human security experts and engineers that monitor networks and respond to cybersecurity incidents 24 hours a day 7 days week. You can mitigate risks and keep claims at acceptable levels with an AI-driven MXDR that discovers and responds to cyberthreats at machine speed. The Securus360 MXDR platform combines machine learning, security automation, and human intelligence to swiftly detect and respond to advanced threats. The process interrupts offensive campaigns before cybercriminals achieve their objectives, effectively minimizing cyber insurance claims.

Contact Us to Learn More