Cyber insurers are taking steps to reduce their risk, and you should do the same

April 11, 2023 | Cybersecurity
Robert Hall

Written by
Robert Hall

As the cyber threat landscape continues to evolve, so do the security solutions around it, and in the same way, cyber insurance is evolving too. 

This is because cyber insurers have no way of preventing attacks, one way insurers in the UK try to reduce risk is by mandating certain cyber tools, such as Cyber Essentials (and Cyber Essentials Plus), Multi-Factor Authentication (MFA), and security awareness training. 

Cyber Essentials and MFA are security controls that businesses can implement to protect their user devices and accounts, but security awareness training exists to help users understand when they are being attacked. 

Security awareness training is required because insurers have realised that users are the weakest link in the security chain, not because they are ignorant, but because they are not trained to identify attacks. 

It is also worth noting that insurers are quietly updating policies to make it more difficult to make a claim when user error has resulted in an attack or loss of funds. Things like "independently verifying" payments before they are made are a way for companies to ensure that processes are in place for employees to follow, such as contacting a supplier to confirm that new payment details are legitimate. 

Without having these processes in place, insurers are unlikely to pay out, and in cases where claimants have taken legal action, the courts are siding with the insurers. What this means to me is that, as always, you need to cover as many bases as possible.

Put security in place, it will SAVE you money. 

Get insurance, it could provide financial support in the event of a breach.  

Have a joined-up approach to security; instead of relying on insurance or security tools, make sure you have processes and policies in place that ensure staff understand what they need to do to avoid incidents. 

Contact us

Recommended reading

March 2024, cybersecurity round-up

2024 is in full swing, and so are cyberattacks. Multiple industries are falling victim to cybercrime, from ...

How do Brigantia's vendor relationships benefit MSPs?

Partnership is at the centre of Brigantia and for good reason. Establishing strong relationships with our ...

Widespread Use of AI Agents in the Near Future

Unless you have been living under a rock for the last year, you will have heard about ChatGPT and the various ...