Cybersecurity insurance

Forrester’s 2023 State of Cyber Insurance

Enterprises with standalone cyber insurance policies are most likely to have robust cybersecurity programs, invest resources in a zero-trust security strategy, experience fewer breaches, and respond quickly across common incident alert/response steps, according to Forrester's State of Cyber Insurance report, which was released this week.

The report found that cyber insurance is a common way organizations mitigate their cybersecurity risk today, and it's also a key driver for cybersecurity program investment, Forrester said. Forrester's data on cyber insurance adoption and breach response trends also found that most organizations do not have standalone cyber insurance policies. While Forrester data showed that most enterprises had some kind of cyber insurance coverage, only 26% had a standalone policy.

Cyber insurance also influences service provider selection, according to the report. Insurance carriers typically maintain a panel of preferred providers in areas like incident response, ransomware negotiation and payments, and more. Among enterprises with cyber insurance coverage, 70% said their insurance carrier required them to select from its panel of providers, with which the carrier has negotiated rates, according to the Forrester report.

Despite what you may have heard, firms with cyber insurance aren't more likely to be attacked or breached; that's a myth. In fact, Forrester data found that organizations with cyber insurance experience fewer breaches. As organizations face stricter underwriting requirements for cyber insurance coverage, firms with robust cybersecurity programs will be the ones that insurers deem a better risk to take on, Forrester said.

Finally, the report found that those with cyber insurance have better outcomes with detection and response. There is a consistent pattern of improved detection and response times across common incident alert and response steps: mean time to detect, mean time to respond, mean time to eradicate, and mean time to recovery, according to the report. For example, the difference is very pronounced when it comes to mean time to detect, with 48% of enterprise global respondents with standalone cyber insurance policies reporting that they were able to do so in less than seven days, compared to 21% of those without cyber insurance or with cyber coverage as a part of another insurance policy.

You can download the full report (behind a paywall) here.

Sharon Florentine

Sharon manages day-to-day content on ChannelE2E and serves as senior managing editor for CyberRisk Alliance’s Channel Brands. She also covers enterprise-class technology companies, strategic alliances and channel partner strategies. Sharon is a veteran tech journalist and editor with more than 25 years experience in the industry, and has previously held key editorial, content and leadership positions at Techstrong Group, CIO.com, Ziff Davis Enterprise and CRN.