Skip to content
Is it possible in today’s digital age to end cyber risk for your organization? NCI partners, Arctic Wolf and Marsh McLennan Agency shed light on the cyber security and cyber insurance world, and offer valuable insights from the frontlines.
Understanding Cyber Risk
Cyber risk is a combination of the likelihood and impact of cyber incidents. Data breaches continue to be a significant issue, with 48% of organizations identifying a breach in the last 12 months. Ransomware attacks are also on the rise, with 45% of organizations surveyed suffering an attack in the past year. Of these attacks, 91% included data exfiltration, and 94% of victims experienced periods of complete productivity loss.
Why is ransomware increasing? 83% of the time, some (or all) of the ransom was paid. So, if a majority of the ransoms keep getting paid, bad actors have enough incentive to continue trying to find points of compromise in your environment to attack.
One of the largest points of compromise are the users – your employees, co-workers, and even you. User action – as a point of compromise – is increasing year over year and is the fastest growing attack surface. If you don’t have a good culture of cybersecurity and awareness across every single employee, you’re missing a significant attack surface that is leaving you exposed and vulnerable.
Why Cyber Insurance?
I’m already spending all this money on IT, why do I need to spend more on cyber insurance? Cyber insurance is not meant to replace what you’re doing in your IT environment, it’s meant to be a component of your risk management program. You’re never going to be able to protect yourself from every single exposure. Cyber insurance financially protects you and provides breach response services. It can also get you access to expert vendors who deeply know this industry and are efficient at what they do.
If you think about it, this is how you would acquire insurance in your personal life whether it’s home, or auto. We all do a lot of mitigation on a daily basis to contain our own risk and for the things that are simply out of our control, we outsource to another company.
The Cyber Insurance Market
Before we jump into increasing your insurability, let’s dive into a little bit of background on the cyber insurance market and how it’s evolved over the years. Initially, it was a profitable product with loss ratios below 50%. However, as claims increased, insurers began to scrutinize their portfolios and focus on security controls. Despite some moderation in 2022, ransomware attacks rebounded in 2023, increasing in frequency, sophistication, and severity. Insurers are now adjusting their underwriting processes to focus on security controls that mitigate losses.
Preparing for the Underwriting Process
Organizations should start by evaluating their cybersecurity maturity. This can be done by completing assessments like Marsh’s Cyber Self-Assessment. This flags strengths and weaknesses, and helps prepare you for underwriter discussions. Partnering with an agency can also provide access to a curated portfolio of cybersecurity vendor solutions and vendor procurement support to help you improve your security posture for underwriting.
How Arctic Wolf Helps with Insurance
Arctic Wolf’s security solutions can help you get the best cyber insurance terms possible. Leveraging their solutions have been shown to decrease insurance premiums by 5% to 25%. In addition, by investing in Arctic Wolf Bundles, you are eligible for up to $1.5 million in financial assistance for a covered security event.
Top Cybersecurity Controls
To improve insurability, mitigation, and resilience, organizations should implement key cybersecurity controls, including:
- Multifactor authentication for remote access and admin/privileged controls
- Endpoint Detection and Response (EDR)
- Secured, encrypted, and tested backups
- Privileged Access Management (PAM)
- Email filtering and web security
- Patch and vulnerability management
- Cyber incident response planning and testing
- Cybersecurity awareness training and phishing testing
- Hardening techniques including Remote Desktop Protocol (RDP) mitigation
- Logging and monitoring/network protections
- End-of-life systems replaced or protected
- Vendor/digital supply chain risk management
Case Study: Arctic Wolf’s Impact on Insurance Premiums
A case study involving a mid-sized manufacturing company illustrates the impact of Arctic Wolf’s security solutions on insurance premiums. After implementing Arctic Wolf’s Managed Detection and Response (MDR) and Managed Risk services, the company saw a 20% reduction in their cyber insurance premiums. The enhanced security posture not only improved their insurability but also provided peace of mind knowing they had robust defenses in place.
Conclusion
Managing your cyber risk improves insurability, but it requires a proactive approach. By implementing robust security controls and preparing thoroughly for the underwriting process, organizations can enhance their resilience and secure better insurance terms. Arctic Wolf’s solutions and Marsh McLennan’s insights provide a valuable resource for navigating the complex landscape of cyber risk and insurance. NCI partners with Arctic Wolf to bring you the best cybersecurity options. For more information on how we can help, visit our website or reach out to our team.
Watch the full session recording on demand now.
