Not all companies face the same cybersecurity risks, so their insurance needs should reflect these differences. This evolving landscape requires tailored security measures, and Gallagher Re’s latest study shows that by focusing on key risk factors, insurers can help companies strengthen their defenses and reduce overall insurance costs, because better cybersecurity practices lower the likelihood of claims.
In their 2024 report, “Scanning the Horizon: How Broadening Our Use of Cybersecurity Data Can Help Insurers,” Gallagher Re explores how external scanning data can be leveraged to reduce loss ratios. Conducted in collaboration with Bitsight, the study analyzed over 62,000 organizations, spanning 67 countries and more than 589 million IP addresses. The findings highlight the transformative potential of technographic data—information about a company’s technology use and cybersecurity posture—to help insurers better predict claims and mitigate risks by promoting strong cybersecurity practices.
Our further takeaways follow.
External Scanning Data and Its Role in Reducing Loss Ratios
The study’s key takeaway is that when applied effectively, external scanning data can dramatically reduce loss ratios. Traditionally, cyber insurers have relied on firmographic data—factors such as company size, revenue, and industry—to assess risk. However, Gallagher Re’s analysis reveals that technographic data can provide a more accurate and granular picture of a company’s vulnerability to cyber threats by evaluating its cybersecurity practices.
According to the study, the companies with the weakest cybersecurity controls, as identified through external scanning data, are 3.17 times more likely to suffer a loss than their more secure counterparts. By removing the bottom 20% of these high-risk companies from a portfolio, insurers could reduce their loss ratios by up to 16.4%. This result underscores the value of targeted data in identifying the most vulnerable organizations and highlights how tailoring insurance practices to cybersecurity risks can lower costs.
The Importance of a Company’s Cyber Footprint
Gallagher Re’s report also introduces the concept of a company’s “cyber footprint”—the number of IP addresses it maintains—as a significant predictor of insurance claims. Larger organizations typically have more devices connected to the internet, resulting in a bigger attack surface and more opportunities for cybercriminals. The study shows that the size of this cyber footprint is a better predictor of risk than many traditional metrics, such as revenue. This finding is especially relevant for insurers, as it suggests that risk assessments based solely on firmographic data might overlook key vulnerabilities and cybersecurity practices.
Single Points of Failure: A Growing Concern
Another critical element highlighted by the study is the role of Single Points of Failure (SPoF) in cybersecurity risk. SPoF data identifies a company’s reliance on external third-party services—such as cloud providers or VPNs—which, if compromised, could lead to widespread disruptions. The July 2024 CrowdStrike incident, in which a faulty software update caused a global outage affecting 8.5 million devices, illustrates the danger posed by these dependencies. Gallagher Re’s analysis showed that organizations relying heavily on CrowdStrike services were particularly vulnerable, with industries like IT, tech, and transportation disproportionately affected. This kind of data, though still in its early stages of development, holds great promise for insurers looking to better anticipate and mitigate risks related to third-party failures through improved cybersecurity practices.
Shifts in Cyber Risk Factors
The report also emphasizes the shifting nature of cyber risk in today’s increasingly remote and hybrid working environments. Since the COVID-19 pandemic, risks associated with mobile application security and cloud identity management have grown, while traditional threats linked to on-premises security have declined. This shift reflects broader workforce trends and highlights the need for cyber insurance models to evolve in response to changing threat landscapes and cybersecurity practices.
Despite these shifts, the basics of cybersecurity remain critical. Gallagher Re’s study found that factors such as patching cadence—the speed at which companies fix known vulnerabilities—continue to be strong predictors of risk. Properly configured SSL certificates, HTTP headers, and DNS security were also found to reduce the likelihood of a cybersecurity incident, reinforcing the importance of strong cyber hygiene and cybersecurity practices.
Risk Factors for Specific Cyber Events
Gallagher Re’s study further examined specific risk factors for different types of cyber incidents, such as Business Email Compromise (BEC) and ransomware attacks. For BEC claims, email authentication protocols like DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) were especially useful in predicting losses. These protocols let receiving mail servers check that a message was sent by a server authorized for the sending domain (SPF) and that it carries a valid signature from that domain (DKIM), which makes spoofed email easier to reject and reduces the risk of BEC.
For ransomware, patching cadence was once again the strongest predictor of risk. Companies that quickly addressed vulnerabilities were less likely to experience ransomware attacks. Other important factors included the security of web certificates and SSL, both of which play key roles in securing communications between a company’s systems and external servers. These are integral components of effective cybersecurity practices.
Looking Ahead: The Future of Cyber Insurance
While Gallagher Re’s 2024 report offers groundbreaking insights into the use of external scanning data for cyber insurance, it also acknowledges that there is still much work to be done. The report calls for ongoing research to further refine the predictive power of technographic data and improve financial impact modeling. As the cyber threat landscape continues to evolve, insurers will need to adapt their models to stay ahead of emerging risks while continuing to promote strong cybersecurity practices.
The study’s conclusions make it clear that the future of cyber insurance lies in data-driven decision-making. By combining traditional firmographic data with detailed technographic insights, insurers can build more accurate risk models and, in turn, offer better protection to companies facing an ever-growing array of cyber threats. With external scanning data as a key tool, the cyber insurance industry is poised to significantly reduce loss ratios and offer more tailored, cost-effective coverage to businesses worldwide, supported by robust cybersecurity practices.