76% of Nigerian Companies Strengthen Cyber Defenses – Sophos Report
According to the report, a remarkable 97% of companies with a cyber insurance policy have invested in enhancing their cyber defenses. Specifically, 76% of these companies stated that these improvements were crucial for qualifying for coverage. Additionally, 67% reported that such enhancements helped them secure better pricing, and 30% managed to obtain improved policy terms.
However, the report also highlighted a growing concern: the costs associated with recovering from cyberattacks are surpassing insurance coverage limits. Only 1% of companies that filed a claim reported that their insurance fully covered the expenses incurred during remediation. The primary reason for this gap was that the total recovery costs exceeded the policy limits.
The “State of Ransomware 2024” survey, also cited in the report, indicated a 50% increase in recovery costs from ransomware incidents over the past year, with the average cost reaching $2.73 million.
Chester Wisniewski, Director and Global Field CTO at Sophos, analyzed the findings, emphasizing the importance of basic cybersecurity practices. “The Sophos Active Adversary report has repeatedly shown that many cyber incidents result from failing to implement basic cybersecurity best practices, such as timely patching. In our most recent report, compromised credentials were the number one root cause of attacks, yet 43% of companies didn’t have multi-factor authentication enabled.”
Related Posts
Wisniewski further noted the positive impact of cyber insurance on organizational behavior. “The fact that 76% of companies invested in cyber defenses to qualify for cyber insurance shows that insurance is forcing organizations to implement essential security measures. It’s making a difference and having a broader, more positive impact on companies overall. However, while cyber insurance is beneficial, it is just one part of an effective risk mitigation strategy.
Companies still need to work on hardening their defenses. A cyberattack can have profound impacts on a company from both an operational and a reputational standpoint, and having cyber insurance doesn’t change that.”
The report underscores the need for continued investment in cybersecurity measures beyond the requirements of insurance policies to mitigate the growing threats in the digital landscape.