Study: Cyber Breach Recovery Times Exceed Insurance Coverage

Share
Companies are taking 7.3 months to recover from cyber security breaches
Research from Fastly reveals businesses face recovery periods of more than seven months after attacks, as costs rise beyond policy limits

Companies are taking 7.3 months to recover from cyber security breaches, according to research by Fastly, a cloud computing services provider. The recovery period exceeds initial estimates by 25%, creating a gap between insurance coverage and actual costs.

The extended recovery timeline represents a change in the cyber threat environment, where the complexity of attacks requires longer remediation periods. The financial impact extends beyond immediate system repairs to include business interruption and reputational damage.

Youtube Placeholder

This trend affects organisations across sectors, with recovery periods now stretching beyond half a year. The duration creates challenges for business continuity planning and risk management strategies.

Marshall Erwin, Chief Information Security Officer at Fastly, says: "Full recovery from breaches is not getting any faster. The revenue, reputation and time lost damages business relationships permanently and drains resources from other areas of the business."

Marshall Erwin, CISO at Fastly

Data from Sophos, a cyber security software company, indicates the average cost of recovery from ransomware attacks - where criminals encrypt company data and demand payment for its release - has increased by £2.15m (US$2.73m) in the past year, marking a 50% rise.

The extended recovery periods create operational challenges beyond direct costs. Companies face disruption to customer services, supplier relationships and internal processes during the remediation phase.

Insurance market response

The insurance market is struggling to keep pace with these escalating costs. Research from Sophos shows 99% of companies filing cyber insurance claims report their policies failed to cover all recovery costs. The primary reason for this shortfall is that total recovery expenses exceed policy limits.

Insurance providers are reassessing their coverage models in response to the changing risk landscape. The gap between policy limits and actual recovery costs raises questions about the sustainability of current cyber insurance products.

Organisations are responding by increasing their security budgets. Fastly's research indicates 87% of firms plan to raise investment in security tools in the next 12 months, an increase of 11% from the previous year.

The research reveals that 50% of cyber security decision-makers express concern about their preparedness for future attacks, despite increased investment in protective measures.

"We are seeing a shift towards a shared responsibility for security across organisations, with increased focus on embedding security measures throughout all projects."

Marshall Erwin, CISO at Fastly

Responsibility for cyber security is spreading across organisations. Platform Engineering teams now handle 8% of cyber security incidents, compared to Chief Information Security Officers at 14% and Chief Information Officers at 12%.

This distribution of responsibility marks a shift from traditional security models, where cyber defence sat within dedicated information security teams.

"We are seeing a shift towards a shared responsibility for security across organisations, with increased focus on embedding security measures throughout all projects," Marshall says.


Make sure you check out the latest industry news and insights at InsurTech and also sign up to our global conference series - FinTech LIVE and InsurTech LIVE


InsurTech is a BizClik brand

Share

Featured Articles

Fadata and InsFocus Launch Insurance Analytics Partnership

Fadata and InsFocus’ insurance technology integration aims to streamline data analysis and business intelligence for global insurers

GFT and Databricks Forge AI Data Alliance

Discover how GFT and Databricks tackle AI's major hurdles: precision and bias, through improved data integration in finance

Insurers Face Modelling Challenges Amid Regulatory Shifts

RNA Analytics director outlines how IFRS 17 implementation, climate disclosures and AI adoption will reshape insurance risk assessment in 2025

US Bank and One Inc Unite to Reshape Insurance Payments

Technology & AI

Insurance Software Provider Fadata Expands Global Presence

Insurtech

Top 10: Sustainability Leaders in InsurTech

Sustainability