Lower Data Breach Insurance Costs with These Tips
The changing attack landscape has resulted in the hardening of the data breach insurance market. Gain insight into how implementing security controls can reduce the mean time to detect and control the costliness of an attack.
The proliferation of ransomware and business email compromise (BEC) cyberattacks has forced organizations to change their perception towards the current threat environment. The question is no longer “if” your business will fall victim to a threat campaign, it’s now a matter of “when.” IBM Security reported that 83% of organizations studied have had more than one data breach.
While the average cost of a data breach has reached an all-time high of USD 4.35 million in 2022, the financial impact of a cyberattack hasn’t just placed security teams on the defense, it’s affected the entire data breach insurance market.
The 2022 NetDiligence Cyber Claims Study analyzed over 7,400 claims between 2017 – 2021. In comparison, the sixth Cyber Claims Study published in 2016 analyzed fewer than 200 cyber insurance claims. While losses varied enormously (smallest claims were less than USD 1,000 and the largest are over USD 300 million), there was no correlation between the size of the organization and the magnitude of a cyber-related loss.
The consensus is that the longer an attack goes undetected, the more expensive it is to remediate. According to IBM Security, the average time to identify and contain a data breach was 277 days. But a shorter data breach lifecycle of less than 200 days was associated with an average of 26% in cost savings. Keeping in mind that not all policies cover the entire claim amount, it’s evident that no matter the size of an organization, implementing specific security controls to reduce the time to contain an attack is key to mitigating the rising costs of data breaches.
What are the costliest breaches?
Ransomware and BEC were among the leading causes of loss. Ransomware attacks accounted for 11% of breaches, a staggering 41% increase from last year. While the average cost of a ransomware attack decreased to USD 4.54 million, this does not include the price to pay out the ransom itself, and it is still higher than the average total cost of a data breach (USD 4.35 million).
BEC accounted for 6% of breaches and cost an average of USD 4.89 million. This high cost is due to the length of time to identify contain. The BEC attack lifecycle was 308 days, making it the second costliest attack vector and the second highest mean time to identify and contain.
What are the most popular cyber insurance claims?
It’s no surprise that ransomware and BEC were the two leading causes of cyber insurance claims. NetDiligence reports the combined tactics accounted for 44% of claims during the five-year period from 2017-2021, and nearly 50% of claims in 2020 and 2021. Of the 2,123 ransomware claims recorded, 45% occurred over the past two years. And out of 1,153 BEC claims reported between 2017-2021, a whopping 57% of the total occurred in 2020 and 2021.
Reducing costs comes from reducing risk
While data breach insurance is designed to mitigate the financial damage of a cyberattack, claims potentially only negate a fraction of costs associated with ransomware and BEC. Keeping in mind the “if not when” credo of cyberattacks, the most effective way for organizations to control the costliness of an attack is by reducing the mean time to detect by implementing the following four security controls:
Flipping on its head the convention of "trust, then verify" used in traditional, perimeter-based architectures, the zero-trust strategy assumes that cyberthreats exist both inside and outside a network, so no one can be trusted implicitly. IBM Security found that organizations that were early adopted of zero trust saved nearly USD 1 million in breach costs, but those with a mature zero trust deployment saved an average of USD 1.51 million. Unfortunately, only 41% of businesses surveyed said they deployed a zero trust security architecture. Want to get started?
Learn more about zero trust and Trend Micro.
By revealing the entire chain of events across security vectors—including email, endpoints, servers, cloud workloads, and networks—XDR simplifies and accelerates investigation and response. This broader prospective means that organizations equipped with XDR technologies identified and contained a breach 29 days faster than those without. Although less than half (44%) surveyed by IBM Security have implemented XDR capabilities, the results are overwhelmingly positive from a ROI standpoint, as XDR carries breach cost savings of 9.2%.
Learn more: Guide to Better Threat Detection & Response (XDR)
Incident response services
Historically, implementing strong incident response teams and regularly testing incident response plans significantly reduced the cost of a data breach. Those poised and equipped to detect, respond, and eliminate cyberattacks through incident response teams with a tested incident response plan experience average breach cost savings of USD 2.66 million. These staggering savings are up from USD 1.77 million in 2020.
Learn more: Incident Response Services & Playbooks Guide.
Cyber risk assessment and scoring
Cyber risk assessments and scoring, also called “risk quantification” by IBM, looks at the impact (including financial, availability of data, and data integrity) of a breach. By quantifying security risk in financial terms, CISOs are better able to identify and prioritize potential security gaps. Conducting risk assessments and scoring can save up to USD 2.10 million on average. However, less than half of organizations surveyed said they prioritize risks, threats, and impacted based on risk quantification techniques.
Learn more: A Cybersecurity Risk Assessment Guide for Leaders
Partnering with a data breach insurance provider can help mitigate the damage incurred by some of the most popular and costliest breaches: ransomware and BEC. Organizations need to go one step further towards reducing the cost of data breaches and the likelihood of making a cyber insurance claim that is larger than your policy amount. Mitigating both cyber risk and financial loss begins with zero-trust architecture, XDR capabilities, incident response services, and cyber risk assessments and scoring.