Skip to main content
close search
site logo
Dive Brief

Insurance coverage drives cyber risk reduction for companies, researchers say

Companies with cyber coverage are better able to detect and respond to attacks, according to a Forrester report.

Published Aug. 21, 2024
David Jones's headshot
Reporter
Rendered image depicting global networks.
DKosig via Getty Images

Dive Brief:

  • Companies with cyber insurance coverage are reducing risk and are more likely to detect, respond and recover from data breaches and malicious attacks, compared to organizations without coverage, according to two reports released this week.
  • An At-Bay commissioned survey conducted by Omdia shows cyber insurance is helping to drive proactive security measures, mitigation strategies and targeted spending. More than 7 in 10 respondents said they view cyber coverage as important or critical to their company, and reported increased spending on proactive security solutions over the past 12 months.
  • A separate report from Forrester showed 1 in 4 global companies with standalone cyber insurance coverage were able to detect and respond to incidents in seven days or less, compared with 19% of businesses with no coverage or 18% with cyber coverage bundled into another policy.

Dive Insight:

The reports highlight the important role insurance coverage plays in cyber mitigation efforts and risk reduction. 

Companies view insurance coverage as an important factor in mitigating against data breaches, malicious attacks and maintaining business continuity. 

“Companies with coverage fare better in detection, response and recovery,” Heidi Shey, principal analyst at Forrester, said via email.

Insurance companies often provide various resources, including incident response planning and tabletop exercises, to help prepare companies for an incident, Shey noted. They also often work with a panel of service providers, to help with investigations and recovery.

Nearly 1 in 4 of enterprise security decision makers said obtaining insurance over the next 12 months was a key strategic priority, Forrester research found. About 12% of global professionals said their organization purchased standalone cyber coverage to reduce overall business risk. 

The February ransomware attack against Change Healthcare and the July IT outage impacting 8.5 million Microsoft Windows devices linked to a defective CrowdStrike software upgrade underscore the enormous financial and operational impact linked to IT security issues. 

Insured losses in the CrowdStrike incident are expected to reach $1 billion and Fortune 500 companies could see direct impacts of $5.4 billion

The Omdia report is based on a survey of more than 400 security decision makers across companies in the U.S., Canada, U.K., France and Germany.  

Forrester’s research is based on responses from 573 business and technology professionals in 2024, while a separate survey is based on responses from 1,620 global security professionals in 2023. 

Disclosure: Omdia and Cybersecurity Dive are both owned by Informa. Omdia has no influence over Cybersecurity Dive’s coverage

Filed Under: Strategy

Editors' picks

Company Announcements

View all | Post a press release
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell