Standard business insurance policies typically do not cover losses from cyber attacks, making cybersecurity insurance increasingly important as AI-powered attacks grow in complexity.
Cybersecurity-specific insurance policies provide coverage for remediation costs and recovery efforts, but can be complex to navigate with various exclusions and sub-limits.
Cyber insurance covers first-party and third-party damages, but may have restrictions on ransomware payments and may not cover social engineering attacks or insider threats.
Insurance providers look for strong security measures in companies before offering quotes, such as zero-trust capabilities, multifactor authentication, and incident response plans.
Companies can reduce cyber insurance premiums by demonstrating compliance with security frameworks like NIST or ISO 27001 and conducting regular risk assessments.
Policies should clearly define coverage for extortion expenses, computer systems, lost income, and data restoration, as well as the types of attacker threats that are covered.
Top-reported cyber insurance claims in 2024 included business email compromise (BEC), funds transfer fraud (FTF), and ransomware, with claim amounts ranging from $1,000 to over $500 million.
Predictions for 2025 include increased premiums, expanded coverage for CISOs due to SEC scrutiny, and requirements for robust third-party risk management programs.
Insurers are emphasizing the need for clients to implement strong cybersecurity measures to mitigate risks and qualify for cyber insurance coverage.