Insuring against cyber attacks
Sophos’ annual study of the real-world experience of IT professionals at the frontline has revealed how their experience of obtaining cyber insurance coverage has changed over the past year. It also shows the impact cyber insurance has had on their cyber defences.
With ransomware a major driver of both cyber insurance purchase and claims, the study also shines light onto how often cyber insurance policies pay out in the event of an attack and the types of costs that are addressed, including how often insurers pay the ransom.
Sophos commissioned research agency Vanson Bourne to conduct an independent, vendor-agnostic survey of 5 600 IT professionals in mid-sized organisations (100-5 000 employees) across 31 countries and a wide range of industries, during January and February 2022.
Overall, 92% of all respondents said their organisation currently has some level of cyber insurance coverage in place, and 83% of respondents have cyber insurance that covers ransomware, although almost half say there are exceptions and exclusions in their ransomware coverage.
As the cyber insurance market hardens and it becomes more challenging to secure coverage, almost all organisations with cyber insurance have made changes to their cyber defences to improve their insurance position, by implementing new technologies/services, increasing staff training/education activities and changing processes/behaviours.
“There are several challenges faced by our clients, including financial challenges, and a lack of knowledge regarding the cyber security threat landscape,” says Ross Anderson, Sophos Product Development Manager at Duxbury Networking.
Qualifying for cyber insurance today requires a concerted effort to do all you can to reduce your risk profile. Those who get the best terms, rates and limits will be those who pose the least risk to the underwriters. If you want to obtain cyber insurance, you should have in place strong technological defences combined with educated and trained users, plus up-to-date procedures.
Sophos has partnered with Cowbell, a provider of cyber insurance for small and medium-sized enterprises (SMEs). The partnership provides businesses with an easy way to access cyber insurance and will allow Sophos customers to share their security health information with Cowbell to facilitate optimal premium quotes and policies.
Sophos will facilitate access to Cowbell insurance through the Sophos Marketplace. Plus, companies can explore Sophos Managed Detection and Response (MDR) via the Cowbell Marketplace, providing easy access to the MDR service that protects more than 15 000 organisations.
In addition, Sophos has also partnered with Measured Analytics and Insurance, the AI-powered cyber insurance provider. The collaboration unlocks Measured's insurance premium savings for Sophos customers in recognition of their strong cyber defences. Sophos endpoint customers looking to secure insurance coverage can opt-in to share their security posture from the Sophos Central platform with Measured Analytics.
“The calibre of an organisation’s cyber security defences in protecting against active adversaries is critically important. Organisations need to properly configure and manage security technologies and also effectively respond to threats – and that requires an expert talent skillset,” says Raja Patel, senior vice-president of products at Sophos. “Industry-first threat detection and response capabilities now enable Sophos to meet customers where they are and with exactly what they need to ensure superior security outcomes."
“We are aware of how challenging it can be to insure against one’s cyber risks, and we therefore try to assist our clients by continuously educating them about the risks of a cyber attack and the negative effects it can have on their businesses. We would suggest that companies adopt a strong anti-ransomware product stack into their network to drastically minimise the risk of financial losses caused by sophisticated cyber threats,” says Anderson.
Since its formation in 1984 by CEO, Graham Duxbury, Duxbury Networking has embraced ongoing technological changes within the ICT sector in order to provide its customers with access to the latest trends and solutions. Satisfying the evolving and diverse needs of its customer base is achieved through an emphasis on sourcing cost-effective, high-quality products from carefully selected local and international vendors. Aligned with this is the provision of uncompromising technical support, which is possible due to an extensive investment in the training and upskilling of its team. The company is driven to take an active role in reshaping and redefining the South African digital landscape in its mission to help its customers build a network that will support current and future technologies.