As digital infrastructure becomes crucial to business operations, failing to protect these systems can lead to catastrophic consequences.
This is among the findings from a KnowBe4 research paper titled “Cyber Insurance and Security: Meeting the Rising Threat”, which delves into the increasingly crucial intersection of cybersecurity and insurance.
It highlights that the average cost of a data breach has surged to $4,88-million in 2024, with significant variations across regions. Notably, the US, the Middle East and Europe are observing alarming increases in cyber claim severity and frequency, indicative of a global issue that demands immediate attention and action.
The research explores the relationship between cybersecurity practices and cyber insurance, noting that insurers are increasingly looking for strong security measures when determining coverage and premiums. It emphasises the effectiveness of ongoing security awareness training in reducing an organisation’s vulnerability to attacks.
Key findings from the paper include:
- Escalating Costs of Cyberattacks: Cyberattack expenses are escalating rapidly, extending beyond immediate disruptions to include legal fees, fines, and reputational harm. IBM reports a significant increase in breach costs, highlighting the urgent need for robust risk management.
- Complex Threat Landscape: Cyber threats now rank as the top global concern, with social engineering and phishing leading the way. This trend underscores the need for strengthened human defenses against these targeted attacks.
- Challenges for SMEs: Small and medium enterprises face disproportionate impacts from cyber incidents. While their average costs are lower, the financial consequences can be devastating, requiring tailored security strategies.
- Increasing Legal Complexities: Expanding data privacy laws are driving a surge in class action lawsuits, especially in the U.S., with potential growth in Europe, urging organisations worldwide to prioritise compliance.
- Human Factors: Human factors remain the most vulnerable aspect of cybersecurity, accounting for 75% of data breaches.
“In today’s interconnected world, the complexity and frequency of cyber threats are intensifying at an unprecedented rate,” says Stu Sjouwerman, CEO of KnowBe4. “This latest research clearly indicates that organisations, regardless of size, must adopt a proactive and comprehensive approach to cybersecurity.
“Cybersecurity cannot remain an isolated IT function. Instead, it must be embraced as a core component of organisational strategy, ensuring that technological risk management is backed by informed human defenses and comprehensive risk management practices, including cyber insurance.”
To successfully confront these mounting challenges, the research underscores the need for a multi-faceted approach that combines cybersecurity measures with comprehensive insurance coverage. A focus on prevention, security culture and education are critical, coupled with strategic partnerships between businesses, insurers and cybersecurity experts.