As critical vulnerabilities hit an alarming 35,000+ Common Vulnerabilities and Exposures (CVEs) this year, it’s clear that all businesses—from SMBs to large enterprises—face a volatile threat landscape that necessitates well-managed solutions to maintain resilience. While some believe that cyber threats evolve too quickly to keep up with, new approaches are emerging that enable any business to defend itself from the growing onslaught of cyber threats.
As these vulnerabilities climb, cyber insurers are at the forefront of contextualizing this heightened threat environment because part of their remit is simplifying the complex world of cyber risk so that brokers and business leaders can quantify and manage emerging risks.
In recent years, the cyber insurance industry has shifted to a new approach: providing coverage in the fallout of a cyber incident and taking active steps to prevent digital risks before they strike. This preventative approach leverages millions of signals from across the internet, honeypots, and businesses' IT environments to monitor better and mitigate cyber threats. It’s a data-informed method that also leverages AI-powered insights, resulting in a new way to manage cyber risk.
Businesses can keep up with dynamic threats if they are equipped with the right strategy
Cyber risk may be unwieldy, but it’s not so dynamic that businesses are powerless to defend themselves against it. This sentiment among business leaders presents a misunderstanding and underestimation of the resources the cybersecurity and cyber insurance industries have at their disposal.
To accurately assess cyber threats, it’s crucial to understand which vulnerabilities present a threat and whether or not an organization should prioritize remediation. Businesses have wasted precious time and resources on insignificant risks for too long.
As CVEs are trending toward reaching new heights in 2024, security practitioners are expected to review, assess, and triage an average of 2,900 new vulnerabilities monthly. However, only 5% of CVEs are exploited, which puts the onus on IT and security teams to make the big decisions regarding risk prioritization.
With such vast datasets across IT environments, it’s impossible for smaller, overwhelmed IT teams to discover threats by assessing mountains of data. Uncovering vulnerabilities can take time, so tools like AI-based risk scoring systems are key for risk managers to identify the vulnerabilities that pose severe threats to them.
Keeping up with the shifting cyber threat landscape requires speed and immense accuracy. Blending new tools with tried-and-true human oversight is the best way to bolster the defenses offered by active insurers and incident response teams.
AI-powered risk monitoring tools and flags or dedicated managed detection and response (MDR) teams can support these efforts. These resources can help enterprises everywhere detect vulnerabilities faster, conduct accurate analyses, uncover data flaws, and accurately prioritize new CVEs to stay one step ahead of the evolving cyber threat landscape.
Risk assessment requires real-time data; no business can get by on historical data alone
One common misconception surrounding the cyber insurance industry is that the field is relatively new and doesn’t have enough historical data to determine future risks accurately. In fact, modern insurers agree that historical data is insufficient to understand a business's cyber risks, and looking to the past to predict the future will not yield accurate outcomes for policyholders.
Cyber risk managers must better understand a business's technology, network architectures, and cybersecurity practices to appreciate better how emergent threats might arise. The new, active approach relies on far more than historical data to understand threat actors' behaviors and movements. Real-time data collection, ingestion, and analysis help cyber insurers make more informed decisions about cyber risk selection and a business’s insurability.
Common vulnerabilities and how to find, flag, and fix them are constantly transforming. Cyber insurers must remain focused on the present and future to understand best how modern risks and threat actors will target businesses. Ultimately, this also aids policyholders as it prepares them to address new threats when they emerge.
Better data collection and AI analysis in practice
Speed and accuracy are key to active risk selection because any business is susceptible to vulnerability exposures at any point. Consistent, internet-wide, real-time data collection can help active cyber insurers identify emerging threats and help businesses avoid costly claims.
There are various ways to collect data. First, continuously scanning the entire IPv4 space and parts of the IPv6 space, essentially asking every computer directly exposed to the internet which software it runs and for what purpose.
Second, managing a geographically distributed network of honeypots that emulate incorrectly configured software to lure threat actors into revealing their attack tactics when a new vulnerability emerges. These sensors help discover new vulnerabilities before they’re published. Active cyber insurers can use honeypots to visualize and understand which software is most likely to experience an attack based on attacker behaviors.
These resources and AI analysis deliver real-time insights enabling cyber insurers to make more rapid predictions and assess risk. Together, they eliminate the need for third-party data to understand how threat actors behave fully.
For example, a computer exposed to the public internet can have 65,535 ports running various software. When a cyber insurer conducts internet-wide scans, it can examine a select number of ports most commonly targeted by threat actors and cross-reference them with policyholders’ ports. Policyholders at risk are then notified of the potential risks, often before the vulnerability has even made news headlines.
The future of cyber insurance is data-driven
Cyber risk is knowable and measurable despite its difference from other types of risk. As dynamic as threats can be, active cyber insurers must stay ahead of the curve with the right types and uses of data.
Data is propelling the cyber insurance industry forward. Cyber insurers can accurately anticipate cyber threats by leveraging real-time, real-world data rather than outdated or historical data approaches. Active cyber insurers must look to the future to anticipate modern threats—not the past. They must take an integrated approach by having actuaries work with security researchers to assess policyholders' risk accurately.
Resources like AI-powered risk models and dedicated MDR teams can assist in these efforts, ensuring that vulnerabilities likely to threaten organizations are dealt with swiftly and accurately.
While many believe dynamic threats are evolving too quickly to keep up with, given the right resources, businesses everywhere can come out ahead.