In this article, we'll explore why so many companies are adopting cyber insurance in the fight against ransomware and whether insurance can be an effective safeguard.
Since the start of 2021, there has been one story that has dominated the cybersecurity space: ransomware. By July, we’ve already seen many high-profile attacks on organizations such as Colonial Pipeline, JBS, and the Washington DC Police Department, with ransoms going as high as 20 million dollars.
According to the U.S. Government’s Cybersecurity and Infrastructure Assurance Agency, ransomware is defined as an “ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable.” Malicious actors then typically demand a ransom payment in exchange for decryption.
These attacks have spiked in frequency and cost in 2021, with the average ransom reaching $220,298, a 43% jump from Q4 2020. According to the Harvard Business Review, over half of the companies affected by ransomware in 2020 elected to pay the ransom, making it one of the most financially damaging forms of cybercrime.
This alarming increase in attacks has prompted many companies to reconsider their cybersecurity strategy. One of the most popular methods many companies have turned to has been cyber insurance. According to Coverware, cyber insurance premiums for midsize and large businesses have gone up between 10% and 40% on average due to a large spike in demand. This article will explore why so many companies are adopting cyber insurance in the fight against ransomware and whether insurance can be an effective safeguard.
The term “cyber insurance” is used to describe forms of coverage that can protect against potential losses caused by an event such as a data breach or cybercrime. These policies are created so companies can limit their liabilities and protect their bottom line in the event of a cyber attack.
The type of coverage that has recently exploded in popularity to deal with ransomware attacks is business interruption and extortion coverage. This coverage includes ransomware that can disrupt business operations and lead to demands for substantial payments to regain access to the company’s systems and data. Coverage related to these extortion-style attacks can also provide support for:
A select few insurance providers will also support public relations expenses that may be needed to contact affected individuals and manage media coverage to preserve or restore the company’s reputation.
For companies impacted by ransomware, having an insurance policy with the coverages above can provide an invaluable cushion from financial and reputational damage. It can also help organizations get back on their feet and avoid large business losses that stem from pauses in operation. Typically, if a policy covers business interruption and extortion, the insurer will cover the profit that the insured would have earned had there been no service interruption.
For instance, after its 2019 cyberattack, aluminum company Norsk Hydro received around $20.2 million in cyber insurance from its provider, which covered data restoration, hiring ransomware experts, business interruption fees and more. Company executives later stated that this payment was crucial in getting the company back up and running.
The format and structure of cyber insurance policies can vary between providers, as there is no set standard in the industry. Therefore, it is essential to review each policy’s details and understand the exact types of coverage and support provided. With your budget in mind, you can also adjust the liability limits for particular areas and find a nice balance between cost and coverage.
While insurance can help mitigate a large amount of the costs incurred from a ransomware attack, it should not be viewed as a replacement for proper cybersecurity practices. Even if an organization has cyber insurance, it will ultimately be the company’s responsibility to prepare for and respond to a cyber attack. The most effective strategy for cyber insurance should be to use it in tandem with cybersecurity as an additional layer of protection. A convenient way to achieve this is to look for cyber insurance providers that also offer cybersecurity tools and packages.
Cybersecurity and cyber insurance are also more beneficial together since most insurance policies strongly incentivize existing cybersecurity practices. When determining an appropriate insurance quote, most insurers will first assess a business’s existing security protocols. This can include password management, antivirus software, firewalls, VPNs, and other related security practices. Adoption of other standard security procedures such as device encryption and multi-factor authentication may also be considered. Lastly, underwriters may consider whether the business has a defined incident response plan and adequate resources to address a potential cyber incident.
As a result, companies that already have cybersecurity in place will directly benefit from a more affordable cyber insurance policy.
A cyber insurance policy can be a useful risk management tool to protect a company’s assets from ransomware and a multitude of other threats. With careful planning, it is possible to research and select a cyber insurance plan that complements a business’s cybersecurity practices and helps reduce risk and liabilities.