Having written policies and procedures for your IT protocols is the best practice for running a business. However, now more than ever, if a company is looking for cyber insurance, it’s going to be essential to have those policies in place.

The cost of cyber insurance has risen over the past year due to the increase in ransomware and cyberattacks. Large-scale attacks—such as the Colonial Pipeline ransomware attack, which led to gasoline shortages across the Southeast United States—have highlighted the potential for devastating financial damages. In turn, insurers are taking a harder line before renewing or granting new/additional coverage for businesses. Insurers are asking for more complex information about organizations’ cyber policies and procedures. If your organization cannot meet its need for detailed information, you could face higher premiums, be offered limited coverage, or far worse, be refused altogether.

A 2021 report from the U.S. Government Accountability Office (GAO) found that more insurance clients opt for cyber coverage—up from 26% in 2016 to 47% in 2020. At the same time, they reported that the cost of cyberattacks nearly doubled between 2016 and 2019. As you’d imagine, insurance premiums followed the same increase. Median excess insurance prices increased by 123% in 2021 when compared to 2020, as reported by Woodruff Sawyer.


The cost of cyber insurance is based on the frequency, severity, and cost of cyberattacks. As the demand for cyber insurance increases, putting a price on cyber risk becomes more challenging. According to research from Sophos, the five industries with the highest level of cyber insurance coverage included the following:

Energy/Oil/Gas and Utilities: 88%
Media/Leisure/Entertainment: 88%
Business/Professional Services: 88%
IT/Technology/Telecoms: 87%
Financial Services: 86%

The cyber insurance market is changing fast, and conditions are getting more challenging as the market hardens for the first time in its almost 20-year history. Organizations with some cyber insurance are finding that the bar for renewal is getting higher, and premiums are increasing. Good cybersecurity can help with cyber insurance pricing by lowering premiums and reducing the likelihood of making a claim.

Companies that cannot afford an in-house security operations center (SOC) can look into SOC-as-a-Service providers, such as AgileBlue, to extend their IT teams. AgileBlue is a proven platform that detects cyberattacks on the cloud, network, and endpoints 24×7—interested in learning more? Please fill out the form below, and a member of our team will get in touch promptly.