Cloud security remains top concern

Compliance acts as primary driver for obtaining cyber insurance, but budget constraints hinder efforts.

  • Friday, 5th May 2023 Posted 1 year ago in by Phil Alsop

Delinea has published the results of an anonymous onsite survey of more than 100 cybersecurity professionals attending the RSA Conference, being held this week in San Francisco. The questionnaire asked attendees about their top concerns for cybersecurity in 2023 and gathered insights about their organizations' cyber insurance strategies.

Notably, cloud security (39%) continues to be the most pressing concern for cybersecurity professionals, in 2023, more than ransomware (16%) and remote workers (12%). Cloud security was also the main cybersecurity concern in a similar Delinea survey at the 2022 RSA Conference.

The poll also revealed that requests for cyber insurance have declined with only 32% of respondents stating that they applied for coverage (or a renewal) in the past year. This represents a 9% reduction compared to 2022, when 41% of respondents claimed that their organization had already or was strongly considering arming themselves with cyber insurance.

While these numbers could show a dangerous complacency, this decrease may also be attributed to the rising costs of coverage. Nearly 42% of those surveyed named budget constraints as the hardest obstacle for obtaining cyber insurance, with meeting technical requirements (22%) and getting executive buy-in (21%) acting as the second and third largest obstacles.

Interestingly, meeting compliance requirements is the primary driver for seeking cyber insurance, as reported by 40% of those polled, while 29% indicated continued threats of ransomware followed by requirements from board/executives (13%) and customers (12%).

"With the increasing regulatory compliance security standards being put into place, it is now more important than ever for organizations to prioritize cybersecurity, not only to meet these requirements but to ensure that sensitive company, employee, and customer data is protected at all costs," said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. "The changing demands and rising costs of cyber insurance place a higher priority on organizations to comply with security controls that make the business insurable at a more affordable price."

Although nearly half (45%) of the survey respondents indicated that they have zero or very basic Privileged Access Management (PAM) controls in place, PAM is being recognized as a key priority, with 34% of participants claiming that PAM is one of the top three technologies their organizations are investing in to qualify for cyber insurance.

"Privileged Access Management solutions offer a significant advantage to organizations seeking to demonstrate to potential cyber insurers that they have reduced risk and become more resilient to cyberattacks," Carson continued.