Finance Monthly. F i nanc i a l Innov a t i on & F i nTech 51 those without it. This may be why insurers are taciturn about exactly what and who they pay out for. It is also possible that insurance has previously bred complicity and laziness within cybersecurity. Teams may have seen their insurance policy as their central security strategy and not recognised the value of proactive protection. Yet given the current climate, this will no longer be the case. Costs will continue to rise and cyberattacks will continue to increase. For businesses to even be considered by insurers and be able to afford the cover, they will be forced to up their cyber hygiene and embrace a more securityfocused culture. In this way, rising premiums can only be seen as a positive move that will manifest better security. Securing cyber insurance So, how do organisations demonstrate to insurers that they’re worth insuring at the lowest premium? Firstly, there needs to be a company-wide, top to bottom cultural shift that makes cybersecurity the responsibility of the entire team – not just the IT managers. This can start with education and training, conducted regularly and through phishing simulation that can test employees against the latest scams and feed back to insurers on how they’re performing. Businesses must also be proactively and continuously detecting and mitigating threats on their network. For organisations that simply do not have the resource in-house for regular threat monitoring, but will still be a target for ransomware, working with a certified security partner is key. This is particularly pertinent considering the cyber skills gap that is making hiring in-house a huge challenge. With a security partner, organisations can benefit from access to greater expertise and resources, and draw on the aggregate value of cyber professionals with extensive knowledge of the cybersecurity landscape. An outsourced Security Operations Centre (SOC), in particular, can help protect businesses of all sizes with 24/7/365 threat monitoring and protection. By demonstrating a securityfirst culture, with well-trained staff that can identify attacks, and implementing tooling and outsourced support to detect threat to your network, a business will be in far better situation to secure cyber insurance. While insurers are simply not prepared for the risk transference in the new era of ransomware and nationstate attacks, their stringent assessments of cyber hygiene may be what drives far better compliance in the coming years. “It is important to ask the question of whether cyber insurance, as an industry, may be exacerbating the issue of ransomware.” Rick Jones CEO DigitalXRAID “Reports have found that the price of cover in the UK grew by 92% in the fourth quarter of 2021 alone.”
RkJQdWJsaXNoZXIy Mjk3Mzkz