Delinea, a provider for managing authorizations, today published a survey of 300 decision makers that finds 62% of respondents have filed an insurance claim because of a cyberattack in the last 12 months, with well over a quarter (27%) having filed multiple claims.

In addition, the survey finds a third-party vendor or supply chain partner was at fault for 27% of cyberattacks, followed closely by ransomware attacks. Nearly half (47%) of the attacks that led to insurance claims are linked to compromises involving identity (24%) and privileges (22%).

Delinea president Rick Hanson said it’s clear cybercriminals are becoming more adept at using compromised identities to map IT environments before, for example, launching a ransomware attack.

Overall, the report finds more than three-quarters of respondents (77%) work for organizations that have previously filed a cybersecurity insurance claim.

However, the report notes that cybersecurity insurance policies increasingly require organizations to invest more in cybersecurity. For example, 41% of respondents noted cybersecurity insurance providers now require proof of least privilege access. A 95% of respondents report they needed to invest in identity security solutions before obtaining cyber insurance. The top requirements are authorization/access controls (41%), threat detection and resiliency plan (40%), session management and monitoring (38%), credential password management (35%), secure third-party controls (35%) and multifactor authentication (35%).

The primary reasons for applying for cybersecurity insurance are compliance/regulatory requirements (35%), executive/board requirement (37%), recent cyberattack (27%), ransomware incident (26%) and third-party contract requirement (24%), the report noted. More than a third (37%) said their cybersecurity insurance could be voided if the right security controls are not in place. Additionally, 32% said they are required to either first report an incident to the carrier or notify them of an incident within a specific period.

Coverage covers data backup and recovery (50%), additional security controls (46%), legal fees (44%), ransomware negotiation and payments (41%), incident response services (40%), impact on partners and customers (40%) lost revenue (39%) and regulatory fines (38%), the survey finds.

The days when cybersecurity insurance was sought as an alternative to investing more in cybersecurity are clearly long over, said Hanson. Cybersecurity insurance carriers to stem losses now require organizations to invest more heavily in cybersecurity than ever before granting coverage. A full 42% of organizations noted they were also required to purchase security solutions/appliances from their insurance provider. Half of respondents (50%) also noted their cybersecurity insurance costs have increased in the last year, mainly because their IT environments have become more complex (48%).

However, 50% also said they were able to reduce their insurance rates by implementing additional security controls. An equal percentage said they are also implementing artificial intelligence (AI) for threat detection and monitoring to lower cybersecurity insurance premiums.

Ultimately, cybersecurity insurance has played a major role in improving the overall state of cybersecurity if for no other reason than carriers have a major financial incentive to make sure organizations are making the right investments. The challenge, as always, is aligning the people, processes and technologies required to ensure the best outcome possible in an era that is seeing cybersecurity threats only increase in terms of both volume and sophistication.