MGA Corvus and Blackberry partnered on a survey to learn more about how small and medium enterprises view cyber insurance and solutions like endpoint detection and response (EDR). The biggest takeaways:
SMEs still have a long way to go in getting properly insured for cyberattacks. The survey found that only 55 percent of respondents currently have cyber insurance, while 28 percent intend to acquire coverage shortly. Of those with insurance, over one-third (37 percent) aren’t covered for ransomware payments — a clear indication of being under-insured, given that ransomware has been trending “down market” to smaller entities over time.
Insurance buyers now expect risk services as part of the offering. It’s unusual to get valuable services as part of a commercial insurance policy, so in the past Corvus had to work to inform policyholders about our unique offerings. The survey finds that now the strength of an insurer’s risk mitigation services is one of the buyer’s top considerations. It found that many businesses are craving an increased consultative process with insurers so they are assured coverage will fit their needs.
Confirmed: Buyers see data sharing as a path to better insights. Since Corvus is building our Smart Cyber Partnerships™, we were keen to know how businesses feel about the prospect of gaining insights about their security posture through shared data. We were glad to see that the survey found businesses are increasingly willing to treat insurance carriers as partners. Almost two-thirds (64 percent) were either very or extremely willing to have insights on security hygiene passed directly from software provider to insurance carrier. Slightly less (61 percent) expressed the same comfort level in providing insurance carriers with access to internal security posture to allow for dynamic coverage updates.