A recent study by Gallagher Re, a global reinsurance broker, analysed Bitsight’s security performance data from 62,000 organisations across 67 countries, along with Gallagher Re’s proprietary data on cybersecurity incidents and claims.
The research revealed that poor performance in specific areas increased the likelihood of a cybersecurity incident and subsequent claim, while strong performance helped reduce this risk.
Several key factors were identified as predictors of cybersecurity risk, offering valuable insights for both enterprise cybersecurity leaders and cyber insurers.
One of the main findings highlighted the potential of using external scanning data in conjunction with traditional firmographics. By targeting the most damaging 20% of risks, insurers could see a reduction in loss ratios of up to 16.4%.
A significant insight from the study was the importance of an organisation’s “cyber footprint”—the size of its attack surface, determined by the number of IP addresses it controls.
The research found this to be a strong predictor of claims, which shifts the focus for insurers who traditionally relied on metrics like employee numbers, industry, or revenue. The…