New data about the state of cyber insurance shows that given the current loss ratios by insurers – and the reasons behind those losses – will result in higher premiums for the foreseeable future.

I cover the topic of cyber insurance at a pretty regular cadence here, but it’s rare when you can hear directly from a wide range of insurers about the state of cyber insurance, what challenges insurers are seeing, and what to expect in the near-term. So, I was thrilled to hear about security vendor Panaseer’s 2022 Cyber Insurance Market Trends Report providing some insight into exactly where cyber insurer head’s are.

According to the report, a majority (82%) of cyber insurers expect cyber insurance premiums to continue rising over the next two years. The reasons are threefold:

  • The increased sophistication of cyber threat actors – 74% of insurers say this is having an impact on premiums
  • The increased cost of ransomware attacks (i.e., payments) – 78% of insurers say this is having an impact
  • Inability to accurately understand a customer’s security posture – 74% of insurers say this is having an impact

What’s interesting is of all the security technologies in place today – from IAM, to PAM, to vulnerability management, to EDR, and more, 36% of insurers said that Security Awareness Training is the most important factor (just behind Cloud Security as the top factor) when assessing a prospective insured organization’s network for risk and worthiness for a policy.

Makes you realize the value of keeping users continually up to date on the latest phishing and social engineering attacks and methods. So, if you want to get a cyber insurance policy, keep your users “secure”.