top of page

As Premiums Skyrocket, Cyber Insurance Companies Use Open-Source Intelligence to Assess Clients

Once completed, we submitted the form to the insurance company. From there, our client expected that the form would help the carrier determine the amount of coverage and the premium it would charge. What happened next surprised our clients and highlighted a growing trend in the industry. After submission, our client was surprised to receive an invitation from the broker to meet and discuss the answers in the questionnaires. 


Increasingly, insurance companies are taking cybersecurity insurance customers seriously with the intention of reducing their own overall risk by either denying coverage or increasing premiums for clients they deem as “risky.” This client isn't alone. Just in the past year alone, we have worked with a significant number of clients who have watched as their cyber insurance premiums skyrocketed, in some cases quadrupling in just 12 months. Meanwhile, as premiums shot up, carriers cut back dramatically on the coverage they would provide. During the second quarter of 2022, cyber-insurance premiums are up 79% from a year earlier, according to a recent study by the Global Insurance Market Index. We don't see this trend ebbing anytime soon. Instead, we fully expect insurance companies to increase their scrutiny of their clients even further and more thoroughly going forward.


What can you do:

Supplementing cyber insurance with a balanced approach to preventative, detective, and response control organizations can strengthen an organization's cybersecurity posture and risk profile. Ensure your defensive security controls are in place and well documented. To that end, consider implementing the following recommendations.

  • Harness Endpoint protection (EDR, MDR, XDR). Utilize an endpoint protection platform to detect and prevent security threats on an endpoint device (e.g., laptop, tablet, phone). 

  • As cyber insurance companies continue to adopt OSINT techniques, organizations should consider an OSINT review of your company to see what information may exist on the dark web. OSINT can be used for proactive research to understand the future threat landscape. 

Fortalice can assist your organization in remaining agile and preemptive rather than reactive to cyber threats.

bottom of page