Organizations face stiff headwinds when it comes to getting the cyber insurance necessary to survive in the face of blistering attacks. The bottom line: as the number of attacks increase – and with it the damage to organizations, cyber insurance is becoming harder and more expensive to obtain.
The challenges are captured in a recent Sophos report: “Cyber Insurance 2022: Reality from the InfoSec Frontline.” Insights in the report were gleaned from a survey of 5,600 IT professionals. Among the findings:
Over the last year, companies have been dealing with the following:
- A 57% increase in the volume of attack
- A 59% increase in the complexity of attacks
- A 53% increase in the impact of attacks
When it comes to ransomware, things are getting worse. When asked if they’d been hit by ransomware in the last year, 66% of respondents said yes – up from 37% when we asked the same question last year. What’s more, the average ransomware payment is now north of $800,000 whereas last year it was around $170,000.
When it comes to trying to get cyber insurance in 2022:
- 54% said the level of cybersecurity they need to qualify is now higher
- 47% said policies are now more complex
- 40% said fewer companies offer cyber insurance
- 37% said the process takes longer
- 34% said it is more expensive
But these storm clouds have a silver lining: Almost all of those surveyed have made changes to their defenses in order to secure insurance. Of those who made changes:
- 64% have implemented new technologies and services
- 56% have increased staff training and education activities
- 52% have changed processes and behaviors
For more detail, download the full report.