Cyber Insurance is About to Become Standard

The first cyber insurance policies for companies were offered in the DACH region a good ten years ago. Since then, the market has grown and insurance offerings have matured considerably. Insurers now have a better understanding of the potential risk and have aligned and diversified their insurance policies accordingly. Although it is a growth market, it is becoming increasingly difficult for policyholders to take out insurance at attractive conditions if adequate security precautions are lacking or cannot be demonstrated.

100% cyber protection not possible

The latest State of Cybersecurity: 2024 Trends Report by Arctic Wolf shows that more than half of companies in Germany, Austria and Switzerland now have an active cyber insurance policy. A further 39 percent stated that they are either currently taking out a policy or will be looking to do so within the next twelve months. Only 5 percent are hesitant or are in a situation where they do not qualify for insurance cover. Nevertheless, the DACH region is currently still a growth market.

“100% cyber protection is not realistically possible at a time when attackers are working with the help of AI and a high degree of professionalism and are targeting ever larger attack surfaces,” warns Sebastian Schmerl from Arctic Wolf. “That’s why cyber insurance is an important tool for covering the ‘last mile’ of cyber protection, i.e. minimizing potential financial losses. However, insurance is of course no substitute for comprehensive security measures; it is the last resort. What’s more, companies now have to demonstrate ever higher security standards in order to obtain insurance cover at all.”

Rising premiums for companies

When asked about their biggest concerns in relation to cyber insurance, a quarter of companies in the DACH region cited rising costs. In addition to the purely financial aspects of taking out cyber insurance, 27% of respondents also cited stricter security requirements and 19% the time-consuming process of taking out and maintaining their policy.

Due to the tense threat situation and growing losses, insurance companies are now carrying out a detailed risk assessment and review of the protective measures used before issuing insurance and setting the premium amount.

“Providing evidence of security measures can be a challenge if there is no overview of the measures implemented and/or specific emergency plans,” says Sebastian Schmerl. “All security-relevant data comes together in security operations centers, which facilitates the exchange of information with insurance companies. As medium-sized companies in particular do not usually have their own SOC, companies and insurance companies can work together with security partners that offer security operations as a service. These not only monitor the attack surface 24/7 and thus improve the security situation, but also provide all the information required for risk assessment and thus the basis for setting the insurance premium.”

Ransom is often paid

Cyber criminals put their victims under a lot of pressure and demand ever higher ransoms. An analysis by Arctic Wolf revealed that the initial ransom demand rose by 20 percent last year to an average of 600,000 US dollars. Contrary to the recommendation of law enforcement authorities, a ransom was paid in four out of five cases worldwide last year, and cyber insurance covered at least part of it in 30 percent of cases. In the DACH region, a ransomware negotiator was also almost always called in, who was able to successfully reduce the amount in 61% of cases.

The State of Cybersecurity: 2024 Trends Report by Arctic Wolf is based on a global survey of more than 1,000 senior IT and cybersecurity decision-makers.