A new report from Delinea found that nearly 80% of US companies have been forced to use their cyber insurance, albeit often without covering what is needed.
Delinea says this should serve as a warning to organizations in the Asia-Pacific region that should learn from the US experience to avoid similar problems.
Survey elements were conducted by Censuswide among 300 US IT decision makers.
The report showed that more than half of the companies that used their coverage used it more than once. Delinea says that as a result, insurers are refusing to cover what is most needed, with only about 30% of organizations saying their policies cover critical risks, including ransomware, ransom negotiations, and a ransom payment decision.
Wahab Yusoff, Delinea vice president for Asia Pacific and Japan, says companies should not underestimate the importance of cyber insurance, but at the same time, they should ensure that it does not replace security strategies.
“Asia-Pacific, Australian and New Zealand organizations and councils should learn from the US experience to avoid similar problems,” he says.
“Organizations must be clear that cyber insurance is a security framework that complements, not replaces, a solid security strategy. Deploying state-of-the-art security solutions not only minimizes risk and protects the business, but also maximizes return on investment.”
Other key findings analyzed the status of claims and timelines when it came to cyber insurance. 70% of organizations were found to have applied for cyber insurance, with 93% being approved when they applied and 65% saying the process took less than three months.
While risk reduction was the top reason for filing (40%), a third (33%) of respondents said it was also due to the demands of executive management and boards of directors, and 25% cited recent ransomware incidents as a top priority. solutions. Driver.
With mounting pressure from above, it’s no surprise that 93% of teams received the budget they needed to purchase their cyber insurance policies, even though 75% of respondents said premiums increased at their most recent renewal.
“CEOs and boards of directors are using cyber insurance to reduce the costs associated with potential breaches. As a result, most organizations struggle to buy or renew a policy, even when insurers refuse what they cover and raise the price of coverage at the same time,” says Art Gilliland, CEO of Delinea.
“Our report shows that insurers are increasingly requiring organizations to implement a broader set of security controls to try to reduce the number of customers using their policies. Since 80% of companies use their insurance policies, more advanced solutions are expected to be required. “
Other top reasons cited in the report for applying for cyber insurance were business contract requirements (24%) and recent data breaches (17%).
The largest number of respondents (48%) indicated that their policy covers data recovery, and about a third indicated that it covers incident response, regulatory fines, and third party indemnification.
When asked how they meet insurance companies’ requirements for privileged access management, only 43% said they had suitable existing solutions, while 42% said they were looking for additional solutions (42%).
“Privileged access management solutions can help limit organizations’ exposure to risks such as ransomware while minimizing potential payouts when covered by cyber insurance,” says Gilliland.