Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecurityCybersecurity News

Cyber insurance needs an industry-wide security standard

By Dave Trader
cyber-insurance-freepik1170x658v57.jpg

Image by rawpixel.com via Freepik

September 7, 2022

Cyberattacks reached unprecedented levels in 2021, increasing 105% according to one report. No industry is immune to their impact, with supply chains, healthcare organizations and service providers all having been recently impacted by attacks.  

 

With more and more companies realizing they need a better way to manage costs, protect themselves against cyberattacks and recover if needed, the popularity of cyber insurance has exploded. Unlike traditional insurance policies, cyber insurance protects companies from data breaches, cyberattacks like breaches, and terrorist acts, among other events. 


While these policies have proven popular for insurance providers, the industry is not without its growing pains. In 2021, the average ransomware payment rose 78%, reaching $541,010, while the average ransomware demand grew 144% to $2.2 million. This demand has caused the supply of cyber insurance offerings to dwindle as providers look to make up for these losses or refuse to enter the market altogether.


In fact, cyber insurance premiums were up 92% YoY in 2021, leaving companies vulnerable to potentially catastrophic cyber emergencies. With premiums expected to stay high and criteria becoming stricter, the time is now for an industry-standard detailing what companies need to do to be insured.  

 

An industry-wide cyber insurance standard will ensure that companies can protect themselves against cyberattacks. One simple way of doing this is to adopt a standard framework, like NIST-CSF. Frameworks like NIST-CF provide a template for best practices, requiring companies to continuously update and verify their systems, which ensures that they will always be properly equipped to manage cyber risk. 


While every organization is different in terms of risk, a standardized framework makes it easier for companies to ensure their networks are secure. As a baseline framework, NIST-CF is more easily attainable than other complex frameworks. Having this as an industry standard means that those who need insurance can get it or take the steps required to get it without sacrificing the necessary safeguards to interact in today’s cyber environment. 

 

Having a requirement for cyber insurance will also force complacent companies to act. Even in today’s environment of constant attacks, some organizations refuse to make the necessary investments to protect themselves. Mandating cyber insurance will require these organizations to at least have a solid baseline of security controls to improve overall cyber hygiene. These late adopters represent sustained risk which affects the verticals and taxonomies they represent. 

 

An industry-standard framework will help alleviate some of this risk as it provides a standard framework for insurance providers to use when evaluating potential customers. By having a baseline checklist that users need to reach before applying for a policy, insurance providers would gain an understanding of a company’s current cybersecurity structure and would know that an organization is protected from certain risks. This would also help speed up the onboarding process, allowing companies to gain insurance quicker. 

While some attacks are unavoidable, having an industry-wide framework in place would help solve some of the industry’s current issues and generate more opportunities for organizations to protect their assets.  

 

As the cyber insurance industry continues to evolve, an industry-standard framework will serve as a critical guiding light for companies and insurance providers. It provides clear guidelines of what companies need to do to be insured and serves as a checklist for insurance providers to evaluate potential customers. 


In turn, this will help lessen the impact of cyberattacks and create a more sustainable insurance marketplace for providers. 

KEYWORDS: cyber insurance cyber security risk management security framework

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Davetrader

Dave Trader is a Field CISO at Presidio and has over 20 years of cybersecurity experience. Prior to Presidio, Dave was a CISO for 7 years at a technology company, and most recently a graduate of the FBI CISO academy out of Quantico. He also has over 70 certifications, including CISSP, CISM, and is a certified Ethical Hacker.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Briefcase with laptop

    The cybersecurity industry needs an estimated 225,200 workers

    See More
  • cyber security

    The integration of small business cybersecurity protection and cyber insurance: An emerging trend in 2021

    See More
  • Doorway to Cybersecurity

    40 Percent of Organizations Have an Active Cyber Insurance Policy

    See More

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing