Businesses using a managed detection and response provider cut their median response time to a cyber incident by half, and saw a commensurate - and dramatic - reduction in the impact of each incident, according to an analysis of insurance claims data.
At least one cyber insurance firm is exploring offering discounts on policy premiums based on what kind of technology the organization has in its environment.
By adding the skilled expertise of cybersecurity professionals to major endpoint detection and response platforms, companies had fewer incidents and what incidents they did have were less serious, according to cyber insurance firm Coalition.
Based on the analysis, the company offers credits to cyber insurance premiums for its policyholders based on whether they have deployed MDR and which one, says Tiago Henriques, vice president of research for Coalition.
Unmanaged endpoint detection and response platforms do not merit the discount, he says.
The cyber insurance firm's findings are not surprising.
Because cybersecurity and incident-response experts deal with security events on a regular basis, managed detection and response services save their clients significant time, reducing the cost of incident response and saving the time of cybersecurity professionals, says Jeff Pollard, vice president and principal analyst with business intelligence firm Forrester Research.
The average customer tends to save 33 hours per incident to identify actual malicious activity, 16 hours to investigate and determine the severity, and 16 hours performing root cause analysis, according to Forrester survey data.
Collecting Data on Business Risks Managed detection and response platforms are not alone in being recommended by cyber insurance providers.
Last year, Coalition found that organizations using Google Workspace had only 43% of the financial transaction fraud claims rate as companies using Microsoft Office 365, while insurtech firm At-Bay saw that firms using Microsoft 365 had double the claims of Google Workspace.
Insecure email systems are a major source of insurance claims, with business email compromise accounting for 26% of Coalition's cyber claims and email in general accounting for 41% of At-Bay's claims, the firms stated.
Coalition plans to continue to crunch their numbers to determine what other technologies may lower claims rates, Coalition's Henriques says.
In its Cyber Threat Index 2024 published on Feb 21, the company also found that more than 10,000 businesses are running instances of Microsoft SQL Server 2000, an end-of-life product, which is reachable from the Internet.
Coalition will not insure companies with open ports for the Remote Desktop Protocol, because of the easy with which it can typically be compromised.
Scanning for the open port increased by 59% in 2023, the firm said.
The savings on policies could set cyber insurance firms on the path to recommend specific solutions to businesses based on which lead to fewer - and smaller - claims.
To some degree, that discussion is already occurring, says Coalition's Henriques.
The most secure technologies may not be worth the policy savings, says Forrester's Pollard.
While everything will eventually become a service, because the skills to operate and maintain technology are not widely distributed, whether they make sense for a specific business depends on the economics, he says.
In the end, businesses may have to accept higher premiums for their particular IT environment, or may not be able to get insurance at all.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 22 Feb 2024 21:35:15 +0000