December 13, 2021 •
Has something like this happened to you recently? Your cybersecurity insurance is up for renewal, or perhaps you’re looking into purchasing some for the first time following a ransomware attack, and your insurer comes back to you with a surprising answer: fill out this MFA attestation form, or your premiums are going up. Depending on your risk profile, maybe you’ve even been denied coverage entirely.
What is this new requirement and why are cybersecurity insurance policies getting more strict about premiums, coverage levels, and risk profiles?
Today, we’re taking a look at the cybersecurity insurance environment as it stands today — how it got there, where it’s going, and how you can protect your company amidst the skyrocketing cost of insurance.
What is Cybersecurity Insurance?
With the rise in remote work, and the subsequent acceleration of ransomware attacks, more and more companies are looking to protect their data and information the same way they protect their health, life, and assets — with insurance.
Cybersecurity insurance is a rapidly growing industry, and it’s not slowing down any time soon. According to a MarketsandMarkets report, the cybersecurity insurance market is expected “to grow from $7.8 billion in 2020 to $20.4 billion by 2025”. That’s an annual growth rate of 21.2%.
Yet with this growth has come challenges. Insurance companies are now shouldering the enormous burden of ransomware payouts, which have increased 150% in frequency and 290% in average cost. In response to this, premiums are rising sharply and insurance companies are looking for new ways to reduce the risk profile of clients they take on.
That brings us to the topic of MFA attestations and cybersecurity questionnaires.
What is an MFA Attestation?
The same way you may be asked to fill out a medical assessment form when applying for health insurance, insurers are now asking companies for an assessment of a prospective customer’s cyber health as well.
MFA attestation forms, and supplemental cybersecurity questionnaires ask companies to confirm they have preemptively protected their network in a variety of ways. You may have seen one of these forms recently, like this Travellers insurance one, with yes/no questions such as:
“We expect that MFA Attestations, similar to the one Travellers Insurance has started requiring, will become commonplace starting in 2022”, said CEO & Founder of Cyphercor, Diego Matute. “We’re predicting that customers who don’t have these minimum controls in place will start to see their premiums rise, their coverage shrink, and even be denied coverage outright.”
Insurance companies are also starting to implement stress tests, remote vulnerability scans, and other types of cyber risk assessments in order to ensure that their clients are meeting these increasingly stringent requirements.
Companies are left scrambling to find a strong, secure solution that will pass their insurers tests, but that’s also simple to implement, won’t over-complicate daily processes, and is affordable for any sized business.
What can companies do to meet these stringent requirements?
If you send us the MFA Attestation form that you’ve been asked to complete by your insurer, we can help you set up MFA on your network, and secure your endpoints so that you can confidently check off ‘Yes’ to any requirements your insurance company has.
Implementing our MFA solution takes less than an hour. We can walk you through it directly, or you can try it yourself using our documentation pages or walk-through videos along with your 15 day free trial.
If you’re interested in learning more about how LoginTC can help you lower your insurance premiums, or even qualify for insurance you’ve been previously denied, reach out today at firstname.lastname@example.org.