Omdia commissioned study shows how businesses can accelerate cybersecurity maturity by combining cyber insurance with proactive cybersecurity
Key News Highlights
- Study reveals 72% of security leaders view cyber insurance as critical or important to their organization.
- 43% also report cyber insurance requirements as a major or leading driver of cybersecurity spend.
- Critical infrastructure sectors lag behind the most: while only 13% of respondents work proactively with their cyber insurance provider, this drops as low as 4% for manufacturing companies, 7% for energy, utility and transportation companies; and 8% for healthcare companies.
SAN FRANCISCO, August 21, 2024 – Global tech analyst firm, Omdia, and the InsurSec provider for the digital age, At-Bay, released new research today investigating the important role cyber insurance can play in a proactive cybersecurity strategy. The research found that organizations of all sizes are embracing proactive cybersecurity solutions and that cyber insurance is emerging as a key driver of cybersecurity spend decisions for many businesses. There is however, a big opportunity for businesses to partner more closely with their insurance provider to unlock more effective risk reduction strategies, especially if the provider is a hybrid InsurSec (insurance and cybersecurity) provider.
“We believe an important finding from this report is that there’s a large number of organizations that should consider partnering with a cyber insurance provider to help drive cybersecurity maturity,” said Omdia analyst, Andrew Braunberg. “There can be upside for enterprises in aligning proactive cybersecurity spending with cyber insurance requirements, with an even more powerful emerging option to partner with an InsurSec provider to optimize risk reduction and technology performance. These relatively new entities combine cybersecurity products and services with insurance offerings to offer a wider scope of prevention and protection.”
Key findings from the report, which surveyed security decision makers in the US, Canada and EMEA to better understand the current market landscape, investment trends, attitudes towards risk management, and organizational pain points, include:
- Cyber insurance has emerged as a best practice for many businesses, with 72% of all respondents viewing it as “critical” or “important” to their organization.
- Cyber insurance requirements are a major factor in how organizations make security-buying decisions. 43% of all respondents report that cyber insurance requirements are a “major or leading driver” of cybersecurity spend. The percentage is even higher among the largest organizations, among which 52% report that cyber insurance requirements are a major driver of spending.
- Organizations of all sizes are shuffling their spending priorities to proactive security solutions that help to identify and mitigate likely threats. More than 70% of respondents increased their spending on proactive security solutions over the past 12 months, outpacing spending on preventive and reactive solutions. 83% of respondents are also interested in combining proactive point solutions into a single unified platform.
- Despite using cyber insurance to make strategic security decisions, only 13% of all respondents admit to working “proactively” with their cyber insurance provider to reduce cyber risk. A healthier 33% identify preventive measures for cyber-risk “with support from” their cyber insurer. The rate of proactive collaboration is even lower in many critical-infrastructure sectors, where cyber risk has the potential for an even larger societal impact. For example, it includes only 4% of manufacturing companies; 7% of energy, utility, and transportation companies; and 8% of healthcare companies.
“Cyber insurance has emerged as a critical pillar to building a proactive cybersecurity strategy as it enables companies to complete their risk mitigation,” said Thom Dekens, Chief Business Officer at At-Bay and GM of At-Bay Security. “Additionally, insurance providers with significant in-house cybersecurity expertise can provide huge business value to their customers, closely partnering with them to make informed decisions about their technology strategies and also improve their risk outcomes throughout the policy year.”
To read the full report, go here: InsurSec Can Drive An Effective Proactive Security Strategy
At-Bay is the InsurSec provider for the digital age. By combining world-class technology with industry-leading insurance, At-Bay was designed from the ground up to empower businesses of every size to meet cyber risk head on. At-Bay Insurance Services, LLC provides insurance protection and security prevention solutions to close to 40,000 businesses in the US, safeguarding up to $800B in collective business revenue, and offers coverage by admitted and non-admitted insurers for Cyber, Technology Errors & Omissions (Tech E&O), and Miscellaneous Professional Liability (MPL). The At-Bay Group also includes an active full-stack insurance company and a cybersecurity company. At-Bay Security offers proprietary cybersecurity solutions including At-Bay Stance Managed Detection & Response (MDR).
Media Contact
Jackie Gray, Corporate Communications