
Companies boost security investments as cyber insurance terms become more stringent, per latest report

Companies are allocating funds towards enhancing their network security, with the goals of reducing insurance premiums and securing more favorable policy conditions, despite ongoing expenses for data recovery still surpassing coverage amounts.

Ransomware remains one of the most expensive threats facing organisations worldwide. Recent research from CYE finds a wide gap between what an attack actually costs and what a cyber insurance policy pays out: on average, more than $27 million per incident [1].

The global average ransomware recovery cost reached $2.73 million in 2024, up roughly 50% from the $1.82 million reported for the previous year [1]. This figure covers downtime, lost revenue, and recovery effort, excluding any ransom paid, and the average downtime per incident is around 24 days [1].

Large-scale incidents can cost far more: the 2023 ransomware attack on Mr. Cooper incurred recovery and response costs of approximately $25 million [2]. Explicit figures for the difference between actual recovery costs and insurance payouts in 2022-2023 are not available, but the steep rise in ransomware costs points to widespread underinsurance.

In the healthcare sector, ransomware recovery costs have been high, with extended downtime and large numbers of patient records affected, although exact average cost figures for healthcare alone in 2022-2023 are not detailed in the available data [4][5].

Meredith Schnur, regional cyber practice leader at Marsh, confirmed that cyber insurance policies do pay claims but are not intended to provide unlimited cover [1]. Across 2022 and 2023, combined claim recovery at Marsh was approximately 80% of claimed losses, a share that rises once retentions (the deductible the insured bears before the policy pays) are excluded [1].

To narrow these gaps, insurance providers are incentivising companies to improve their cyber defences, tying premium costs and depth of coverage to whether the insured maintains minimum cyber defence standards [1]. One example of such a baseline is PCI DSS, the Payment Card Industry Data Security Standard, a set of contractual security requirements for any organisation that stores, processes, or transmits payment card data, intended to stop attackers from stealing card data and committing fraudulent transactions [1].

A report released by Sophos and Vanson Bourne on Wednesday found that three-quarters of companies have invested in cyber defences in order to qualify for cyber insurance [1]. Chester Wisniewski, director and global field CTO at Sophos, stated that incrementally improving minimum cybersecurity standards, such as PCI DSS, can have positive effects over time [1].

As ransomware threats surge, enterprises need a comprehensive strategy for maintaining business continuity. Despite the additional investment in cyber defences, Sophos reports that significant gaps remain between recovery costs and the coverage insurers provide [1]. The research is based on a survey of 5,000 IT and cybersecurity leaders across 14 countries [1].

In conclusion, the escalating financial risk of ransomware attacks calls for a review of cyber insurance limits, coverage scope, and preventive security controls. Organisations must keep improving their cyber defences to close the gap between recovery costs and insurance coverage and to preserve business continuity in the face of these growing threats.

  1. The surge in ransomware attacks and the accompanying recovery costs have exposed a significant discrepancy between actual costs and cyber insurance coverage, with an average gap of more than $27 million according to CYE's research [1].
  2. To narrow this gap, insurance providers are offering incentives for companies to strengthen their cybersecurity, tying premium costs and coverage depth to minimum standards such as PCI DSS [1].
  3. As the ransomware threat grows, enterprises need to strengthen their cyber defences, invest in comprehensive cybersecurity strategies, and review their insurance coverage to ensure business continuity in light of the escalating financial risk [1].
