The cyber headlines worth questioning

Cyber insurance is one of the hottest topics around, but should we trust everything we read about it?

Cyber Article 1 min Mon, Nov 22, 2021

While there’s a lot of valuable information about cyber insurance out there, there are also a number of headlines we should probably take with grain of salt, whether because they’re a little misguided or just out of date. Here are the top picks.

  1. Covid caused cyber claims

    When we talk about cyber claims frequency, we are referring to the percentage of policyholders who have experienced a claim divided by the overall policy count. And contrary to the headlines, our claims team actually didn’t notice a significant increase in the frequency of cyber claims during the height of Covid.

    However, what Covid did do is increase businesses’ awareness of digital exposure as they shifted to a remote working environment, demonstrate that their largest asset is often their intangible assets, and show them that cyber insurance exists as an effective method of risk transfer. In turn, this drove more businesses to buy cyber than ever before.

    And with more policies, there was a natural rise in claims, though this was proportionate to the overall policy count.

  2. Most claims stem from open RDP ports

    Remote Desktop Protocol, or RDP, allows users the ability to connect to a remote PC or server over the internet or on a local network.

    RDP ports serve as the digital doors and windows to a business and if these aren’t secured properly, it can allow hackers system access and leave organisations vulnerable to attack. However, this is only one method to get into a network, and while open RDP ports were a popular infiltration method for a time, the tactics used by cybercriminals are constantly evolving.

    During the last six to twelve months, we’ve been seeing a much higher number of claims stemming from undetected software vulnerabilities, which proves that it will take a multi-pronged approach to solving the ransomware pandemic and there isn’t a simple enough solution as just closing an RDP port to become secure. The threat landscape is constantly shifting, and clients and insurers need to evolve security practices and expectations with it.

  3. External security scans are a true measure of a company’s vulnerability

    You’ve likely seen companies promoting security reports that can perform external scans on a business. While it can certainly be helpful when discussing cyber insurance with a client, it’s important to stress that these scans don’t provide a complete picture.

    The reality is that the vast majority of a business’s infrastructure and exposure lies on the inside of their networks. If surface scanning reports are solely relied on to show a company how vulnerable they are, they can do more harm than good if a company believes they are an accurate assessment without further analysis. While external scans of a client’s vulnerabilities provide insight into what criminals can easily detect from the outside, they unfortunately can lead to a number of false positives and work against the business.

    Reports like these should only be used to supplement an insurer’s existing claims data which is a proven measure of what exposures are happening to clients in real time. A good cyber insurance provider will be able to offer deep scanning services and continuous monitoring throughout the policy term, not just at the stage of quoting.

  4. Specific percentage rate increases may just be a headline

    A lot of headlines have been touting specific percentage increases to cyber rates as the claims environment becomes more severe. Not only do these figures get out of date quickly, but the reality is that renewal pricing is no longer a fair enough indicator of what the price should be for the new exposures faced.

    In truth, the goal post is constantly changing when it comes to how rate responds to the claims environment and this depends on a number of factors, from systemic risk to which industries are being targeted to what new methods attackers are using to make money.

    As we speak to clients about cyber rates, it’s important to understand that insurers aren’t just remediating against prior losses – they’re future-proofing against the latest security threat trends in order to protect the integrity and longevity of the line.

    Unfortunately, past performance is not a predictor of future threats and rate response needs to be as dynamic as the cyber threat landscape.


To learn more about cyber check out our 
product page, or get in touch via cyber@cfc.com