Sophos report finds that companies investing in cyber defenses not only improve their security, but also gain other benefits, including lower premiums.
Although most medium-sized businesses have some form of cyber insurance, there is widespread uncertainty about what the coverage would provide in the event of a claim, while businesses that had filed a claim reported their coverage paid less than the full incident costs on average, according to new research by cybersecurity firm Sophos.
Despite some medium-sized business, those with 100 to 5,000 employees, expressing uncertainty about protections, the survey found that businesses that invested in cyber defenses not only improved their insurance coverage but also reduced their cyber risk.
Cyber insurance acts as both a carrot and a stick for cybersecurity investments, Sophis noted. “By setting minimum security control requirements to attain coverage — the ‘stick’ — the insurance industry is effectively forcing many organizations to elevate their cyber defenses. In parallel, by recognizing and rewarding strong defenses…
