Five ways to reduce your cyber insurance premiums

Issue 6 2023 Security Services & Risk Management, News & Events

With the global costs of cybercrime expected to soar to $13 trillion within the next five years, cyber insurance is booming as organisations try to mitigate the risk of financial losses. Globally, the cyber insurance market is now worth around $17 billion and is expected to grow by over 26% a year to top $84.62 billion by 2030.

“Spiking rates of cybercrime and ever higher ransom demands have increased the risks of insurers having to make massive pay-outs,” notes Tony Walt, co-founder and Director of Cyber Security Software House Port443.

“As a result, insurers have become more stringent about the minimum security related requirements, and cyber insurance premiums are increasing. In the US alone, premiums rose by over 120% between 2020 and 2022,” he says. “Rising premiums simply add to the burden of organisations already grappling with economic headwinds and increasing risk. The good news is that many insurers now offer discounts on insurance premiums to customers who take steps to reduce their cyber risk and improve their security posture.”

Walt says local insurers reduce premiums for customers adopting these cybersecurity best practices:

1. Keep security controls up to date: ‘Set-and-forget’ is not enough to stay ahead of cyber risk. Organisations should maintain visibility and control across their security environment and should use automation to ensure controls are regularly validated, patched and updated.

2. Use encryption and Wi-Fi Protected Access (WPA): Encryption and secured access reduce the risk of data exposure or loss and strengthens compliance with legislation such as PoPIA. This, in turn, reduces your risk of having to pay a ransom, incurring penalties, or being targeted in lawsuits.

3. Use multi-factor authentication: “Multi-factor authentication goes a long way in addressing the ongoing challenge of weak or vulnerable passwords and ensures that only authorised users can access your network. This greatly reduces your exposure, so insurers feel comfortable reducing your premiums,” says Walt.

4. Have secure backups: Secure, regular and trusted backups of critical data is crucial to build business resilience and support continuity. “To insurers, this means you are at a lower risk of claiming for lost production or business hours in the event of a cyberattack, given the ability to recover as a result of these backups.”

5. Have clear security policies, incident response processes and implement training and awareness programmes: Humans are the weakest link in cyber defence, with human error accounting for the bulk of cyber breaches. Clear and up-to-date cyber security policies and incident response plans must be drafted, implemented, tested and made readily available to all staff, and ongoing training and awareness programmes must be implemented. This could significantly reduce your risk profile and reduce your risk for cyber insurers.

Walt concludes, “Reducing your premiums is just one way to address the costs of cyber risk. The biggest costs associated with cybercrime are the losses suffered in ransoms, downtime, fines, legal costs and reputational damage. Applying cyber security best practices could help organisations avoid those costs altogether.”


Examples of discounts on premiums:

https://www.discovery.co.za/assets/discoverycoza/business-insurance/cyber-cover.pdf

https://www.santam.co.za/blog/business-advice/cyber-security-for-your-business/

https://satib.co.za/working-home-cyber-insurance-now-must/




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Duxbury Cybersecurity sharpens reseller offering
Duxbury Networking Information Security News & Events
Duxbury Networking has strengthened its Duxbury Cybersecurity business unit by adding WatchGuard and Cynet, giving South African resellers broader, more integrated coverage for the security risks customers are now asking them to address.

Read more...
Identity recovery matters most
Security Services & Risk Management
As cyberattacks grow more targeted, more destructive, and increasingly aimed at the very fabric of trust within the enterprise, the ability to restore identities has become just as critical as restoring data.

Read more...
ISO 27701 helps demonstrate privacy compliance beyond POPIA
Security Services & Risk Management
ISO 27701 include privacy-specific controls and provides a structured way to manage Personally Identifiable Information (PII) throughout its lifecycle, giving organisations a way to demonstrate how privacy is managed.

Read more...
Disconnect between confidence in identity security and operational reality
Access Control & Identity Management News & Events
New FIDO Alliance and HID study reveals gap between identity security confidence and reality; 94% of enterprises claim they can revoke employee access within 24 hours, yet 35% experienced delays or failures in the past two years.

Read more...
Paxton Solo training available to security installers
Paxton Access Control & Identity Management News & Events
Following the launch of Solo, Paxton’s brand-new access control system, the security manufacturer is rolling out dedicated Solo training sessions across South Africa to support security installers working with the system.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
Increase in cyberattacks on the manufacturing sector
Security Services & Risk Management News & Events Industrial (Industry)
According to a new Kaspersky ICS CERT report, in the first quarter of 2026, the percentage of industrial control systems (ICS) on which malicious objects were blocked reached 19,6% globally.

Read more...
Next-generation cash-in-transit vehicle
News & Events Security Services & Risk Management
Fidelity Services Group has unveiled a new, purpose-engineered Cash-in-Transit (CIT) vehicle designed to redefine crew protection, deter threats, and enhance operational resilience in an increasingly complex criminal environment.

Read more...
Sara AI Pentesting available in South Africa
Information Security News & Events
Synack and Wolfpack Information Risk are offering Sara AI Pentesting to organisations across South Africa, helping companies move from point-in-time testing to continuous security validation with AI and human expertise.

Read more...
The risk at the edge of South Africa’s agriculture supply chain
Security Services & Risk Management Agriculture (Industry) Logistics (Industry)
Research from ESET has found that a significant number of South African agritech operators and farmers continue to believe their companies are not attractive targets for cybercriminals. Unfortunately, that belief is precisely what makes them one.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.