If you’ve noticed your cyber insurance costs rising, you aren’t alone. As cyberattacks have become more frequent and severe and demand for security insurance coverage has grown, premiums have also increased. A survey of insurance brokers revealed that over half of their clients saw a 10 to 30 percent price hike in late 2020, according to the U.S. Government Accountability Office (GAO).
“The uncertainty about future threats also plays a role, and insurers have become more selective about who and what gets covered,” the GAO stated in a July 2022 blog entry. “In our 2021 report, we found that a number of insurers reduced coverage limits or increased premiums for higher-risk organizations and industries, such as academic institutions or the health care and public sectors.”
While it’s preferable to pay premiums instead of dealing with the financial aftermath of a cyberattack without any coverage, climbing cyber insurance prices can still sting for business owners grappling with economic uncertainty, staffing shortages, and other challenges.
Fortunately, there are steps you can take to bring down insurance costs. Here are a few recommendations from Stratosphere and other expert sources for companies looking to rein in spending while maintaining optimal levels of IT security.
1. Encrypt your data.
Your insurance company might be willing to negotiate a discount for your business if you demonstrate that you’re encrypting all sensitive data as a protective measure, according to the Security.org article “How Much Does Cyber Insurance Cost?”
2. Implement multi-factor authentication (MFA).
If you don’t already have MFA in place, you should. Many insurers won’t even sell policies to businesses without MFA these days. By requiring two or more verification factors to confirm identity before granting access to accounts, this security measure can drastically reduce your odds of getting hacked, according to the Microsoft Tech Community post “Your Pa$$word doesn’t matter” by Alex Weinert, the director of Identity Security at Microsoft.
“Your password doesn’t matter, but MFA does!” Weinert wrote in the post. “Based on our studies, your account is more than 99.9 percent less likely to be compromised if you use MFA.”
3. Ensure your team follows best practices for passwords.
Because many security incidents start with stolen credentials, following guidelines for proper password management can lead to lower cyber insurance pricing, according to the CPO Magazine article “How To Lower the Cost of Your Cyber Insurance Premiums.” That includes avoiding overused passcodes, using a minimum of 8 characters, and storing credentials properly (e.g., in a password manager instead of in a Word document or on Post-it notes), among other best practices.
4. Conduct regular employee security awareness training.
To keep everyone up to date on evolving threats, you should require security awareness training on at least an annual basis. Awareness programs can address skills such as recognizing phishing scams and setting strong passwords. This will not only protect your business but can also lead to lower cyber insurance rates.
5. Carry out routine pen tests and vulnerability assessments.
You can avoid costly security incidents if you find and fix any weak points in your IT environment before cybercriminals get the chance to exploit them. Hiring a third-party cybersecurity service provider to conduct periodic penetration testing and vulnerability assessments can prevent security incidents and possibly convince your insurer to charge you less, according to Security.org and CPO Magazine.
Ultimately, these tactics can benefit your business by lowering your cyber insurance costs and helping you avoid enormously expensive and reputation-damaging data breaches.
If you’d like to learn more about how to reduce your insurance rates and improve your security posture, our trusted technology advisors would be happy to help you. We can assess your unique situation and connect you with leading cybersecurity providers in our partner network. With advanced tools, our advisors can also generate objective comparison matrices illustrating how various suppliers stack up against each other. On top of that, our price parity guarantee means working with us won’t cost more than going directly to the provider.
Get started today by calling 877-599-3999 or emailing sales@stratospherenetworks.com to schedule a cybersecurity consultation with one of our advisors.