US companies have said that over the past year cyber insurance rates increased 50-100% upon application or renewal.
The findings are contained in the 2023 State of Cyber Insurance report conducted by Censuswide on behalf of Delinea, of over 300 US organisations.
This year, companies that used their cyber insurance more than once increased to 47%, while 67% of respondents noted that their insurance rates increased 50-100% upon application or renewal. While only one organisation said it took longer than 6 months to obtain or renew cyber insurance in the 2022 report, over 20 respondents indicated it took that long in this year’s survey.
The survey also found that there is an increasing list of exclusions that could make cyber insurance coverage void, including lack of security protocols in place (43%), human error (38%), acts of war (33%), and not following proper compliance procedures (33%).
“Over the past year, it’s become evident that cyber insurers are learning from their data and are now maturing,” said said Joseph Carson, chief security scientist and advisory CISO at Deline.
“In the early days of cyber insurance, they were just trying to address a huge demand, but now they realise they must reduce their own exposure to both avoidable and uncontrollable circumstances,”
“Our survey results find that most organisations are not approaching cyber insurance with the same diligence – they are simply looking to get covered. What they’re not checking is whether the policy they had last year is what they need now, or if their policy changed at renewal. This ‘cyber insurance gap’ could put a lot of organisations in a tough place when a cybersecurity incident occurs, and they want to utilise this financial safety net.”
The survey also found that many organisations are continuing to invest in cybersecurity solutions to protect them and meet increasing requirements for cyber insurance. Ninety-six percent (96%) of organisations purchased at least one security solution before their application was approved.
Furthermore, 81% received the budget they needed to get their desired cyber insurance policy, with 36% of respondents noting that it is now a requirement from boards of directors and executive management teams.