As cyberattacks and related insurance claims continue to rise, insurers are becoming increasingly selective about the risks they will underwrite. Many insurers have made the adoption of certain controls — mechanisms or processes to protect an organisation’s cyber vulnerabilities — a minimum requirement for securing any level of cyber insurance, let alone coverage with favourable pricing and terms.
The use of certain cyber hygiene controls can help organisations positively differentiate their cyber risk management to insurers. Organisations that do not have particular controls in place may be at a strong disadvantage relative to their peers when seeking cyber insurance, and may face a higher risk of experiencing a cyber incident.
According to an analysis of data from several hundred Marsh UK clients conducted by the Marsh McLennan Cyber Risk Analytics Center, most clients deploy five basic account monitoring and protection controls.