Since the start of the COVID-19 pandemic, cybercriminals have become increasingly active. Not only has there been an upsurge in the number of ransomware attacks, but there has also been an increase in multi-million-dollar payouts to cybercriminal groups, who have become increasingly professional in their mode of operating.
Recent high-profile cyberattacks, like the SolarWinds Orion Security Breach and the Colonial Pipeline Ransomware Attack, highlight how cyberattacks can have far-reaching consequences. For example, insurance carriers pay an extraordinary amount of money for claims to fulfill extortion demands.
These events have resulted in cybersecurity insurance carriers putting more stringent cybersecurity requirements on their clients and in a steady rise in cybersecurity insurance premiums. According to Jonathan Roy, designDATA’s Director of Cybersecurity and Compliance, and Derek Symer, Director of Nonprofits at AHT, enterprises can expect to pay as much as 80 percent more for their cybersecurity insurance. Underwriters are also rapidly revising their business models and exploring new options because of the upsurge in ransomware attacks and the resulting cost of covering those claims.
The value, then, of cybersecurity insurance is clear: it allows your organization to transfer some of the financial risk of a cybersecurity incident to an insurance carrier. These risks stem from both internal and external sources, from an employee unintentionally opening an email attachment containing ransomware to a malicious insider deliberately providing access to an organization’s network. Attackers often infiltrate systems months before making their move, and organizations may not realize their financial assets or data have been compromised until it is too late.
The risks posed by ransomware attacks can lead to significant financial losses. These include the cost of decrypting or recovering data, lost revenue due to business downtime, irreparable damage to an organization’s reputation, consulting fees to restore or improve systems, and numerous other unplanned expenses.
Considering cybersecurity insurance coverage
There is no escaping it: no matter the size of your organization, if you rely on IT systems, maintain digital records, use computers, accept email, or have a publicly accessible website, you are vulnerable to a cyberattack and need cybersecurity insurance.
As a starting point, organizations need to have comprehensive cybersecurity policies and procedures to avoid becoming victims of cybercriminals. A full Incident Response Plan is also essential for dealing with a security incident.
However, to transfer the residual risks and effectively respond to and recover from a cybersecurity breach, comprehensive insurance coverage is vital. This should cover an organization’s liability from cybersecurity incidents, including a data breach where personal or sensitive information is compromised, and where an organization experiences business interruption, harm to their reputation, or network damage.
What should organizations look for in their cybersecurity insurance policies?
When reviewing the policies offered to you by carriers, at a minimum the essential coverage should include ransomware and data breach extortion, digital asset restoration, and funds transfer fraud. Limits should be based on your organization’s expected loss in each category during such a cyberattack (check with your IT and Finance departments). Retentions (or deductibles) should be based on how much you are willing to pay out of pocket, keeping in mind that lower deductibles result in higher insurance premiums.
Additional options include coverage for crisis management and public relations, reputational harm, and service fraud.
Also worth considering is coverage that extends to a security incident or outage at a third party, such as your web or database hosting company. Without such coverage, a major breach at a third party you rely on could leave you shouldering your own business interruption and reputation repair costs.
Another important consideration regarding your cybersecurity insurance policy is the attestations: the assurances you give the insurance carrier that you are meeting certain cybersecurity hygiene provisions, such as the security controls and practices the carrier asks you to confirm are in place.
When it comes to attestations, involve the head of your cybersecurity or IT department to help answer any relevant questions. These should be answered truthfully. While an underwriter may not second-guess you during the application process, should you file a claim, they will vigorously investigate whether you have been faithful to your attestations. If you were not doing what you said you were, you risk having your claim denied.
If you can’t reasonably comply with what your insurance provider expects, consider other carriers. Every insurance provider approaches cybersecurity differently, and it is best to find the carrier that suits your needs and fits within your business model and budget.
How can designDATA help with your cybersecurity needs?
designDATA’s experts will take the time to review your current cyber coverage from a technology perspective to ensure it is appropriate for the risks your enterprise faces. We can also help you build a comprehensive Incident Response Plan to ensure you are fully prepared for the possibility of a cyberattack.