How Cyber Insurance Underwriting Has Evolved
As cyber attacks have become more commonplace and the frequency of claims has grown, the process of cyber insurance underwriting has evolved significantly.
To reduce risk and potential losses, insurers are becoming more diligent about risk assessment during the application process and throughout the life of the policy. They want to know what measures your organization is taking to protect against cyber attacks and mitigate their impact—and they are turning to technology for answers.
In addition to relying on traditional methods such as risk assessment questionnaires, which are often subjective and hard to verify, today’s sophisticated underwriting technology can shine a light on your security posture in a non-invasive and data-driven way. These tools can help underwriters evaluate the financial impact of a cyber attack on your business, compare your security performance to others in your sector, and assess cyber risk in your supply chain.
Once a policy is secured, insurers can continuously monitor your organization's cybersecurity health and keep a pulse on emerging risk throughout the period of coverage.
What Risks Do Cyber Insurance Underwriters Look For?
Many hackers rely on network and system vulnerabilities such as open ports, unpatched software, and misconfigured systems for their attacks. Insurers want to know that your organization is taking steps to understand and act on these risks. A failure to do so may result in a higher premium or declined coverage.
Other elements of a mature and established security management program that underwriters look for are a robust data management strategy, multi-factor authentication, network segmentation, and endpoint protection.
To ensure you can procure the right policy at the right cost, use a tool like BitSight Security Ratings. BitSight provides a complete view of hidden risk in your network and across your integrated supply chain, so that you can remediate it before it becomes an issue and help reduce potential cyber risk insurance claims in the future. Additionally, 50% of global cyber insurance gross written premiums are underwritten by BitSight customers including AIG, Chubb, and Hartford.