A new study by Embroker, a business insurer that uses machine learning and artificial intelligence to tailor insurance policies, asks an excellent question: For startup founders, how big a deal is cybersecurity?
Yes, It's a Big Deal
The answer is “plenty.” Dig a little deeper, as Embroker did in its research, entitled Cyber Security Report: Startup Edition, and the reasons are clear, according to its survey of 400 venture capital-backed organizations.
Startups are proving to be a fertile ground for managed security service providers (MSSPs) and managed service providers (MSPs) whose expertise is likely to be valued and trusted as young companies ramp up their cybersecurity profiles. Startups often lack in-house expertise to measure and mitigate cyber risk.
For example:
- Nearly seven in 10 startup founders have been hit by a cyberattack, prompting nearly 90% of those leaders to have some level of cyber protection in place. And, as a case in point, more than 70% believe their protection isn’t enough and are considering adding more protection and tools this coming year.
- Nearly one-third (31%) more concerned about cybersecurity threats than a year ago, and 14% more founders believe they’ll suffer an attack at some point during the holiday season (36% in 2021 to 50% in 2022).
A Closer Look at the Research
Here are some more findings from Embrokers’ research:
On startups and cyber insurance: There’s some confusion about how much is enough.
- Of founders that said their company has cyber insurance (86%), over 52% described their type of coverage as either “customized to our needs” or “the most comprehensive” package available.
- 50% of the startups with cyber insurance stated that their current policy would only partially cover their risk in the event of an attack or breach.
- Of those that lack cyber insurance, the number one reason cited for this was cost (44%).
On internal pressure from investors and/or the board: Half of the respondents feel the heat.
- 49% cite cybersecurity insurance protections as required by both investors and the board to boost cyber protection.
- 35% said media coverage on other companies’ data breaches exerted some pressure to fortify cyber defenses and reevaluate their insurance coverage.
- 32% said managing a hybrid/remote workforce is a driver of increased protection.
On geopolitical issues driving demand: The war in Ukraine.
- Embroker saw a 50% uplift in the number of applications for cyber policies shortly after the war in Ukraine began. Much of that has to do with Russian cyber aggression in the war and cascaded to founders’ concerns over potential retaliatory cyberattacks from Russia on U.S. infrastructure and businesses.
On 2023 and beyond: Inflation, cyberattacks and supply chain issues.
- Founders are most concerned about inflation in 2023 (32%), cyberattacks (27%), and supply chain challenges (26%). In last year’s study, founders listed their top three concerns as inflation, supply chain issues and competition. At the time, cybersecurity didn’t rank among their strongest concerns.
- The top three “non-negotiable areas of investment” for the coming year are: product innovation (32%), cybersecurity protection (31%) and equipment upgrades (30%).
