Organizations face stiff headwinds when it comes to getting the cyber insurance necessary to survive in the face of blistering attacks. The bottom line: as the number of attacks increases, and with it the damage to organizations, cyber insurance is becoming harder and more expensive to obtain.

The challenges are captured in a recent Sophos report: “Cyber Insurance 2022: Reality from the InfoSec Frontline.” Insights in the report were gleaned from a survey of 5,600 IT professionals. Among the findings:

Over the last year, companies have been dealing with the following:
A 57% increase in the volume of attacks
A 59% increase in the complexity of attacks
A 53% increase in the impact of attacks
When it comes to ransomware, things are getting worse. When asked if they’d been hit by ransomware in the last year, 66% of respondents said yes – up from 37% when we asked the same question last year. What’s more, the average ransomware payment is now north of $800,000, whereas last year it was around $170,000.

When it comes to trying to get cyber insurance in 2022:
54% said the level of cybersecurity they need to qualify is now higher
47% said policies are now more complex
40% said fewer companies offer cyber insurance
37% said the process takes longer
34% said it is more expensive
But these storm clouds have a silver lining: Almost all of those surveyed have made changes to their defenses in order to secure insurance. Of those who made changes:
64% have implemented new technologies and services
56% have increased staff training and education activities
InfoSec content strategist, researcher, director, tech writer, blogger and community builder. Senior Vice President of Audience Content Strategy at CyberRisk Alliance.