Omdia commissioned study shows how businesses can accelerate cybersecurity maturity by combining cyber insurance with proactive cybersecurity
Global tech analyst firm, Omdia, and the InsurSec provider for the digital age, At-Bay, released new research today investigating the important role cyber insurance can play in a proactive cybersecurity strategy. The research found that organizations of all sizes are embracing proactive cybersecurity solutions and that cyber insurance is emerging as a key driver of cybersecurity spend decisions for many businesses. There is however, a big opportunity for businesses to partner more closely with their insurance provider to unlock more effective risk reduction strategies, especially if the provider is a hybrid InsurSec (insurance and cybersecurity) provider.
“We believe an important finding from this report is that there’s a large number of organizations that should consider partnering with a cyber insurance provider to help drive cybersecurity maturity,” said Omdia analyst, Andrew Braunberg. “There can be upside for enterprises in aligning proactive cybersecurity spending with cyber insurance requirements, with an even more powerful emerging option to partner with an InsurSec provider to optimize risk reduction and technology performance. These relatively new entities combine cybersecurity products and services with insurance offerings to offer a wider scope of prevention and protection.”
Key findings from the report, which surveyed security decision makers in the US, Canada and EMEA to better understand the current market landscape, investment trends, attitudes towards risk management, and organizational pain points, include:
- Cyber insurance has emerged as a best practice for many businesses, with 72% of all respondents viewing it as “critical” or “important” to their organization.
- Cyber insurance requirements are a major factor in how organizations make security-buying decisions. 43% of all respondents report that cyber insurance requirements are a “major or leading driver” of cybersecurity spend. The percentage is even higher among the largest organizations, among which 52% report that cyber insurance requirements are a major driver of spending.
- Organizations of all sizes are shuffling their spending priorities to proactive security solutions that help to identify and mitigate likely threats. More than 70% of respondents increased their spending on proactive security solutions over the past 12 months, outpacing spending on preventive and reactive solutions. 83% of respondents are also interested in combining proactive point solutions into a single unified platform.
- Despite using cyber insurance to make strategic security decisions, only 13% of all respondents admit to working “proactively” with their cyber insurance provider to reduce cyber risk. A healthier 33% identify preventive measures for cyber-risk “with support from” their cyber insurer. The rate of proactive collaboration is even lower in many critical-infrastructure sectors, where cyber risk has the potential for an even larger societal impact. For example, it includes only 4% of manufacturing companies; 7% of energy, utility, and transportation companies; and 8% of healthcare companies.
“Cyber insurance has emerged as a critical pillar to building a proactive cybersecurity strategy as it enables companies to complete their risk mitigation,” said Thom Dekens, Chief Business Officer at At-Bay and GM of At-Bay Security. “Additionally, insurance providers with significant in-house cybersecurity expertise can provide huge business value to their customers, closely partnering with them to make informed decisions about their technology strategies and also improve their risk outcomes throughout the policy year.”
To read the full report, go here: InsurSec Can Drive An Effective Proactive Security Strategy