Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Lowering cybersecurity insurance premiums with managed security services

By Katie Horvath
cyber-insurance-freepik1170x658v57.jpg

Image by rawpixel.com via Freepik

June 21, 2022

A range of factors, driven partly by the COVID-19 pandemic, accelerated by the work from home (WFH) trend and exacerbated by the Russia-Ukraine conflict, has caused midmarket organizations to ramp up their security defenses and protect corporate assets with cyber insurance in the event of a successful attack. 


Like other insurance categories, cyber insurance offers data breach insurance that helps a company recover from data loss due to criminally encrypted data, cyber theft, a network outage, or other IT interruptions caused by ransomware, malware, or other cyber variants targeting the business. 


Attacks on larger businesses and midsize organizations are increasing, resulting in significant financial losses caused by operational downtime and reduced revenues due to system outages. These attacks have also damaged reputations and resulted in rising costs due to investigations, remedies and other fees or penalties tied to compliance violations resulting from such attacks.


With cyber insurance, these businesses can protect themselves from financial losses by not having to pay reparations to criminal entities due to cyber extortion. It also allows companies to be compensated for lost business opportunities and remediation of lost or damaged digital assets.


There is no doubt cyber insurance is a must-have in today’s business climate, but it does come with a cost. The expensive premiums are often due to the high compensation required when these attacks occur. Companies in certain verticals, such as financial services and healthcare, often pay even higher premiums because of the large volume of PII (personally identifiable information) targeted by the most aggressive ransomware or cyber variant.


According to Jeff Meyers, VP of Operations for Meyers Glaros, an Indiana-based insurance firm and provider of cybersecurity insurance, “The cybersecurity threat is something that hangs over every company in America, but more recently has been impacting midsize businesses. While cybersecurity insurance is the new normal for risk-averse organizations, the monthly premiums can be tempered significantly by implementing the appropriate processes and procedures, employee training and robust security infrastructure to defend the organization.”


The first step to reducing cyber insurance premiums is to conduct a security audit assessing which digital assets and physical operations may be impacted by an attack. High value and sensitive data rank number one in these audits with financial data, customer information, employee records, intellectual property (IP) in the form of solution designs/architectures, proprietary processes, strategic plans and more. Once the audit is complete, the calculation of insurance needs can be based on this newly obtained information that determines the potential financial risk and anticipated recovery costs.


The next several steps involve soliciting a managed service provider specializing in secure solution delivery. This includes service providers capable of conducting scheduled penetration testing; business-wide password implementation, monitoring and management; end-to-end encryption of personally identifiable information (PII); deployment of zero trust infrastructure to control access to sensitive data, as well as a full suite of defensive security solutions layered across the managed IT environment. 


Key solutions and processes many insurers suggest implementing to reduce premiums include:

  • Strong email security: Despite popular belief, email is not a secure form of communication, and every organization should use caution when sending or verifying sensitive information by email.
  • Multi-factor authentication: MFA immediately increases account security by requiring multiple forms of verification to prove your identity when signing into an application. Start with email, then apply MFA everywhere it’s available.
  • Full data backups: A full data backup can mean the difference between a complete loss and a complete recovery after a ransomware attack. Develop a strategy tailored to the business.
  • Secure remote access: Remote work is more necessary than ever before, which means workers are no longer in controlled work environments. Instead, they are often given access to company resources remotely. When remote access is allowed, the organization takes on additional risks. 
  • Regular software updates/patching: All software presents at least some risk to the organization. Cybercriminals look for vulnerabilities, which can easily be located to prevent exploits through regular software updates.
  • Use of a password manager: Password managers help keep track of multiple passwords and generate new ones at random. They are essentially an encrypted vault for storing passwords that are protected by one master password. These master passwords act as ‘keys to the kingdom’ and should be heavily protected.
  • Malicious software scanner: Endpoint detection and response (EDR) tools (including traditional antivirus and anti-malware software) readily identify, detect, and prevent advanced cyber threats.
  • Data encryption: Encryption is a process that renders data inaccessible to bad actors who manage to steal it unless they possess the key required to access it. If your data is not encrypted and you lose a device, your organization may face a data breach and all of the legal, regulatory, and notification costs that come with it.
  • Security awareness training: 60% of claims are the result of human error. This can be avoided by creating a culture of cyber risk awareness that holds everyone accountable.
  • Oversight by a managed IT help desk: Insurance providers understand that attacks occur at all hours of the day and night. A 24/7/365 help desk monitors security infrastructure and can take action immediately once an attack is detected.


With the combination of secure managed IT services and the right cybersecurity insurance provider, organizations can significantly reduce the threat of serious business and financial impact caused by a successful cyberattack. With critical IT systems, data and processes in a hardened defensive position, insurance premiums can be made much more affordable while still offering all-encompassing protection against the criminal threat actor’s incessant flood of attacks. Even more important, with a secure managed services contract in place, successful attacks are made incredibly difficult for even the most experienced cyber villains — dramatically reducing the risk profile of the organization.

KEYWORDS: cyber insurance data privacy data protection ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Katie headshot

Katie Horvath is the Chief Marketing Officer for Aunalytics, a data platform company delivering insights as a service. Prior to Aunalytics, she held the post of CEO for Naveego where she was the only woman CEO of a big data company in North America until 2021 when the business was acquired.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • insurance-cyber-freepik5868.jpg

    The rising tide of cyber insurance premiums in the age of ransomware

    See More
  • Webcor implements managed security services to mitigate risk

    Commercial construction company Webcor implements managed services to improve its security posture

    See More
  • report on desk

    70% financial services, insurance companies suffer API security delays

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing