Minimizing Risk to Obtain Cyber Insurance
Ransomware payments more than doubled between 2020 and 2021, forcing insurers to take bigger losses and sending the cybersecurity insurance market on a volatile path that has only recently begun to stabilize. While the end of 2022 saw an 80% deceleration in cyber insurance rate increases, improving the market outlook for 2023, most carriers believe cyber risk will continue to rise as ransomware remains a top threat. As a result, organizations can expect increased scrutiny during the underwriting process on their security controls and internal processes and procedures concerning cyber risk. Additionally, there remain troubling exclusions for widespread events (e.g., Log4j) and incidents that can be traced to the war in Ukraine or nation-state-sponsored attack groups. In fact, carriers continue to reduce or even exclude ransomware-related coverages if the organization fails to demonstrate adequate controls in managing this risk.
Over the last 12 months, Mandiant has seen an increase in cyber insurer involvement during incident response engagements. While CISOs are not consistently consulted in policy coverage decisions, we recommend CISOs work hand-in-hand with an organization’s risk manager and legal counsel to ensure accuracy in the application process and review policies so they are not caught off-guard during a breach.