As cybercrime becomes more sophisticated, organizations of all kinds are increasingly vulnerable. Many are targeted by cybercriminals simply because they may lack the time, resources, or infrastructure to properly defend themselves.
The good news? There are proactive steps businesses can take to reduce risk, and one of the most impactful is securing cyber insurance.
Cyber insurance can impact a business’s ability to navigate and survive these attacks. However, with the sharp rise in cyber incidents, coverage has become more complex, harder to obtain, and more expensive.
Cyber Threats on the Rise
The risk and severity of a cyberattack have increased significantly in recent years. For example, RiskRecon reports an increase of 152% in data breaches at small businesses between 2020 and 2021.
Furthermore, ransom demands have more than doubled.
According to the Palo Alto Network report, the average ransom demand reached $2.2 million in 2021, up 144% from the year before.
As businesses expand their networks, new cyberattack opportunities have emerged, such as phishing scams and ransomware.
Cybercriminals can attack hundreds, if not thousands, of these vulnerable networks simultaneously because few businesses have proper network security or the resources to prioritize cybersecurity awareness.
In addition to the increasing need for network security, business leaders are searching for cyber insurance policies to help prevent and respond to a cyberattack.
New Challenges in Securing Cyber Coverage
Cyber insurance has become vital, given the frequency of threats targeting businesses.
However, as ransom demands reach millions, the cost of cyber protection has risen accordingly.
“Pricing for small business cyber insurance has gone up between 10% and 40% annually in the last 24 months,” says Mike McBride, chief executive officer of Mason-McBride. And pricing isn’t the only obstacle. “More small businesses on a percentage basis are being declined for coverage due to tighter underwriting and compliance requirements,” Mr. McBride said.
Stricter Security Requirements
As insurers respond to the increasing volume and severity of claims, they’ve adopted more rigorous guidelines. Businesses must now demonstrate that they’ve implemented robust cybersecurity measures before they can qualify for coverage.
According to the Council of Insurance Agents & Brokers (CIAB), underwriters are taking a much closer look at how organizations manage their cyber risk. Lacking basics like Multi-Factor Authentication (MFA) or data encryption can lead to being deemed uninsurable.
Carriers are also requiring:
- Strong password protocols
- Vendor and third-party risk management
- Regular employee training on phishing threats
- Documented incident response plans
- Data backups
- Endpoint detection and monitoring tools
Some insurers have also added ransomware coinsurance clauses, requiring businesses to share a portion of potential ransom payments out-of-pocket.
“Cyber insurance is becoming increasingly difficult to obtain as the application and renewal processes are changing rapidly. Many of our clients are caught by surprise, and some are denied renewal coverage when unable to respond with the appropriate safeguards,” says Jamie Parry, Vice President of Mason-McBride. Nonetheless, it is now more important than ever to have coverage. “As the likelihood of a cyberattack grows, we are seeing more and more claims where a cyber policy can mean the difference between recovering from a cyber attack and losing everything you’ve worked so hard for,” Mr. Parry said.
Real-Life Cyber Insurance Claim
Consider this real-world example from a nonprofit organization that fell victim to a cyberattack:
A cybercriminal gained access to the Finance Director’s email account and remained undetected for more than four months. After identifying key contacts and patterns, the attacker spoofed the organization’s domain, set up email rules to divert replies, and sent fraudulent instructions that led to two unauthorized fund transfers totaling nearly $1.3 million.
A short time later, suspicious gift card requests triggered an internal alarm. The organization quickly contacted its insurance provider, Coalition.
Coalition‘s team identified 82 malicious logins across multiple countries and worked with law enforcement to intervene.
Thanks to quick action and a responsive claims process, the organization recovered all but $500 of the stolen funds.
Claim Scenario provided by Coalition
The Role of Cyber Insurance
Cyber insurance can help organizations recover from data breaches and other incidents by covering:
- Forensic investigation costs
- Legal expenses
- Customer notifications and credit monitoring
- Business interruption losses
- Regulatory fines and lawsuits
It can also protect against third-party claims involving the unauthorized disclosure of personal or sensitive information.
Get Ahead of Cyber Risk
As threats continue to evolve, taking a proactive approach is essential. At Mason-McBride, we help organizations across industries assess their risk and secure cyber insurance solutions designed to protect what matters most.
Through our strong partnerships with industry-leading carriers, we offer insurance solutions that help mitigate these threats.
Find out how Mason-McBride can protect your data and request a proposal.
For helpful tips on other popular topics, check out:
Article By Jamie Parry
