The criteria according to which cyber insurers assess risks are evolving. In the past, prevention was the key factor. If an enterprise had good controls, insurance providers felt safe in providing their services. These days, however, the new criterion comes into play: response. Cyber insurance providers are getting increasingly interested in knowing how quickly an enterprise can react, mitigate an incident, restore its normal functioning, communicate with relevant parties, and minimize losses once an attack starts.
This is quite natural because even a well-protected enterprise can be hacked. Phishing attacks, password thefts, misuse by insiders, supply chain infiltration, and ransomware can find a way into even a well-protected system. Therefore, insurance providers today have to start considering what happens when the protection system fails.
Why Prevention Is No Longer Enough?
Prevention is still relevant, but it is not a way to avoid risks. The attackers evolve very fast, and human mistakes cannot be avoided. The company may have good prevention methods but end up having its systems breached just due to one compromised account or one vulnerable service. Insurance companies found out that the prevention promises do not always correspond to reality.
Response is important since it defines the extent of the damage. If the company is able to isolate the systems, collect the evidence, and restore from the backups, the losses will be lower.
What Insurers Are Looking For
Increasingly, insurers are looking for incident response plans, testing of backups and recovery, access control, logging, and coordination among executives. These organizations are interested in finding out whether the organization is capable of responding effectively in those initial hours of the attack. More importantly, they expect proof of testing, not just documentation of the plans.
This puts a premium on operational preparedness. Organizations that have drilled their teams in responding to ransomware attacks, privilege escalation incidents, and other such scenarios have become more appealing to underwriters. They have shifted focus from having a good show of security on paper to actually being able to withstand an attack and come through unscathed.
The Bigger Picture
With cyber insurance shifting towards showing what happens after the disaster rather than preventing disasters altogether, response is as important as prevention.
Find more resources on cybersecurity, threat intelligence, digital risk, privacy compliance, and consent management through IntelligenceX CyberSecurity and ConsentX. IntelligenceX helps organizations identify and understand emerging cyber threats through focused digital intelligence analysis and investigations, while ConsentX empowers businesses to achieve global privacy compliance with comprehensive consent management, cookie compliance, and data privacy solutions.
Top comments (0)