The changes that could save cyber insurance

Mario Greco, CEO of Zurich Insurance, recently explained that cyberattacks are becoming uninsurable as the industry can no longer absorb losses caused by cybercrime. The biggest issue? Many companies do not use sufficient cyber protections, leaving them uninsurable. One of the most common issues is stolen employee credentials, which can provide attackers with the simplest route into corporate systems. Insurance veteran Gerry Kennedy and Julia O’Toole, CEO of MyCena Security Solutions, explain that practices such as network access segmentation and passwords encryption could make companies insurable again. O’Toole explains: “When it comes to the policy changes, insurers first need to realise the root of cybersecurity problems lie in the reliance of employee-generated passwords, which companies have no control over.” She adds: “The cyber insurance industry has been in a position of vulnerability for too many years now, but it doesn’t need to be this way. With stolen credentials being the most common way for criminals to infiltrate networks, access segmentation, and encryption are a simple and effective way for insurers to take control of the risks they cover.”