Cyber attacks: German companies the hottest targets in Europe
In the modern business landscape, the rising frequency and complexity of cyber incidents present significant risks to businesses of all sizes. Based on our own benchmarks, mid-sized businesses are especially vulnerable, with as many as 1 in 4 businesses having experienced a cyberattack in the last 6 months, up from 1 in 5. It’s a trend we see reflected across Europe. For instance, according to a survey among professionals responsible for their company's cyber security strategy in the United States and Europe, Germany saw the highest rate of cyberattacks, while the Netherlands ranked fourth. Both above the US. While Belgium comes in eighth place.
Source: Statista. Share of companies in the United States and selected European countries having experienced a cyber attack as of 2023, by country
Financial impact: putting businesses out of business
The cost of cyber insurance is a mere fraction compared to the potential financial impact of a breach. Take the impact of ransomware as an example. NetDiligence’s Cyber Claims Study 2023 Report shows that ransomware accounts for 33% of all claims by mid-sized businesses, the average cost of a ransom demand in 2022 was €501k and the average incident cost was €781k. Up from €106k and €230k respectively in 2019. That’s a serious amount of money.
CrowdStrike outage: a very real reminder
But it’s not just the direct financial impact that businesses need to consider: cyber incidents can also cause real long-term losses due to lost customer business, as well as having a major impact on future market gains due to reputational damage.
The recent CrowdStrike outage had an enormous, and rapid, impact across industries. The disruption led to delays and financial losses. While the outage was accidental, it’s a very public reminder of how much we rely on digital systems. And how fragile they can become. So for companies mitigating the fallout from a malicious attack, the value of cyber insurance becomes clear: it acts as a financial safety net, helping businesses cover the costs associated with recovery, from legal fees and regulatory fines to lost revenue from business interruption. However, insurance is only part of the solution – businesses must recognise the need for a holistic approach to risk management that integrates proactive cybersecurity measures as well as comprehensive insurance coverage to achieve true cyber resilience.
Cyber risk: just like fire, but worse
Cyber insurance, while essential, is a reactive measure. Much like fire insurance, it only provides value after an incident has occurred. But fire marshals would agree that the best way to protect against fire risk is not to wait until a building has burned down; instead it’s essential to implement robust preventative measures. And the same is true when it comes to cyber risk. A business wouldn’t rely on fire insurance alone, without investing in fire alarms, sprinkler systems and evacuation protocols. Relying on cyber insurance without having effective cybersecurity monitoring and response in place would be equally shortsighted.
Fire is a static risk environment: it’s already minimal – the National Fire Protection Association in the US puts the chances of a business going up in flames at around 1 in 8000 – and the risks don’t change from day to day. But cyber risk is dynamic and evolving. Countless bad actors are continually probing businesses’ systems for weaknesses and searching for new ways to penetrate their defences – as if hundreds of arsonists were trying to come up with novel approaches to burn down multiple buildings every day. No wonder the Hiscox Cyber Readiness Report in 2022 stated that as many as 48% of SMBs have experienced some form of cyberattack.
A disconnected and painful status quo
The increasing frequency of cyberattacks puts additional pressure on businesses to maintain strong and proactive cybersecurity measures. Insurance carriers are increasingly interested in a company’s cybersecurity posture. Businesses with robust detection and response systems, mature Security Operations (SecOps) teams, and up-to-date security controls can continuously build their resilience in the face of an evolving threat landscape, which in turn helps them comply with their insurance policies.
However, cybersecurity and cyber insurance are usually treated as separate entities. This disconnected approach to risk management is both inefficient and unsustainable. Depending on the state of the market, businesses can get trapped in a cycle, trying to balance security improvements with insurance renewals, all while navigating an ever-evolving threat landscape, thereby creating a headache for CFOs, IT leaders, IT suppliers and risk advisors.
The current model of cyber insurance struggles to keep pace with the fast-changing cyber landscape. Insurance policies are designed to protect businesses from financial losses for a premium that reflects the risk profile of an organisation. However, establishing a risk profile is nearly impossible without a detailed analysis of every risk. This disconnect can lead to several challenges:
-
Limited protection – without a strong cyber security foundation, insurance coverage may not be sufficient to address the full extent of a cyber incident’s consequences.
-
Annual renewal headaches – businesses may face difficulties renewing their cyber insurance policies each year due to changing insurer requirements.
-
Increased costs – failure to meet the necessary security requirements can result in higher insurance premiums or even denial of coverage.
Solve the pain with a connected approach
Eye Security’s integrated approach to cyber risk management is essential to achieve true cyber resilience without headaches and uncertainty. By connecting advanced cybersecurity operations to mitigate breaches posed by digital and human risk factors, with the facility to buy cyber insurance through their partner network to cover off financial risk, Eye Security ensures that businesses can extinguish the threat posed by cyber-attacks once and for all. This unified approach provides businesses with predictable, future-proof protection that adapts to the evolving threat landscape.
For those who want to purchase an insurance policy – through their broker or risk advisor – in addition to Eye Security’s cyber security solutions, the benefits of this connected approach to cyber risk management are numerous.
Security pros with the best tech to mitigate every breach
Proactive security at Eye Security consists of an elite Security Operations team, working with the best Managed Detection and Response (MDR) software available to monitor customer environments 24/7. The team reacts to breaches within 4 minutes and personally removes bad actors and malicious software from customer systems within 4 hours. If an incident flares up, an in-house Incident Response Team will bring businesses back online, undertake forensic attack analysis and make recommendations to mitigate future incidents.
Eye Security’s dashboard provides customers with a continuous stream of recommendations for building the resilience of their digital environment, enabling IT teams and their MSPs to focus on the most important fixes. Eye Security is also aware that not all risks are digital: to that end it offers a Security Awareness programme to help protect against human risk.
Connected cyber insurance to extinguish the remaining risk
With such a comprehensive cyber security programme in place, business risk profiles are dramatically reduced, opening up a host of advantages for those who want to extinguish risk.
-
Easier and quicker qualification - because Eye Security can prove that its cyber security solutions significantly reduce company risk profiles, the insurance carriers it partners with – Lloyds, Chubb, a leading German insurer, Markel and Hiscox – remove barriers to coverage. This is particularly beneficial for industries often considered high-risk, such as logistics, manufacturing and healthcare, which can face difficulty obtaining insurance.
-
Smoother renewals – with a robust cybersecurity foundation in place, businesses can expect smoother annual renewals, avoiding the frantic last-minute rush to meet insurer requirements.
-
Predictable pricing – with a connected approach, businesses can benefit from more predictable insurance costs, avoiding unexpected increases or denials of coverage.
-
Future-proof protection – Eye Security’s solutions are designed to evolve with the changing cyber threat landscape, ensuring that businesses remain protected against emerging risks.
-
Compliance support – an integrated solution can help businesses meet industry-specific compliance requirements, such as the NIS2 Directive, which places additional cybersecurity requirements on companies operating within the EU, thereby reducing the risk of regulatory penalties.
Deep partnerships with the insurance industry
Eye Security’s ability to offer a comprehensive, connected solution is only possible thanks to the strong partnerships it has established within the insurance industry. These collaborations have enabled the development of tailored, competitive products (sold exclusively through brokers) across multiple markets:
-
Improved Lloyd’s offering – Eye Security has retained comprehensive cover while significantly reducing premiums. This product, previously only available to customers in Belgium and the Netherlands, is now accessible to businesses in Germany. It’s designed for companies with revenues up to 1 billion euros, providing an ensured sum of up to 5 million euros.
-
Netherlands – Eye Security has partnered with Markel to enhance its offer for companies with turnovers up to 50 million euros. This product is tailored to meet the needs of businesses of this size, while maintaining highly competitive conditions, such as a 35% premium discount.
-
Germany – A special relationship with a market-leading carrier has led to the development of unique insurance solutions for Eye Security’s clients in the German market.
-
Broker and risk management partners – Eye Security partners with an extensive broker and risk management network across Germany, the Netherlands and Belgium to bring these enhanced offerings to customers.
A smarter way to manage cyber risk
In an era where cyber threats are increasingly complex and frequent, businesses need more than just reactive solutions like cyber insurance. They need a connected approach that integrates proactive cybersecurity measures with comprehensive insurance coverage. Eye Security’s model which embeds cybersecurity into insurance coverage, offers a future-proof solution that simplifies risk management, reduces costs, and ensures that businesses remain protected in the face of evolving threats. By connecting cyber insurance to cybersecurity monitoring and cyber insurance, Eye Security provides businesses with a clear path to resilience, enabling them to stay ahead of cyber risks while enjoying the peace of mind that comes with knowing they are covered.
Interested in learning more?
Learn about how we partner with brokers and risk advisors here.
