Bethan Moorcraft reports:
Cyber insurers are hyper-focused today on best-practice risk mitigation and cybersecurity protocols. Many carriers have introduced minimum security requirements – such as enabling multi-factor authentication (MFA) for email and remote access, and possibly even using end-point detection and response (EDR) technology – before they’ll even consider writing a policy.
This type of underwriting has had a positive impact on cyber loss trends, but the unfortunate fact remains that “with cyberattacks, it’s not a matter of if, it’s not a matter of when, it’s how big,” according to Kurt Suhs, founder and CEO of Concierge Cyber. Risk management only goes so far, and with that in mind, Suhs believes insurers are “missing” a few important nuances in their prevention-focused underwriting strategies.
Read more at Insurance Business America.