The growing number of ransomware attacks has taken a toll on many organizations, but it has also had a huge impact on the cyber insurance industry, which has found itself having to cover significant ransomware demands. This has required a change in policies, and it has also created a need to improve cyber insurance with cybersecurity knowledge.
In this interview with Help Net Security, Odin Olson, vice president of alliances for Arctic Wolf, discusses the impact of ransomware on cyber insurance and the link between security operations and the insurance industry.
Ransomware attacks have reached unprecedented levels in recent times. How has this impacted the cyber insurance industry?
Not only have ransomware attacks increased, but the amount of ransom demanded has increased exponentially, reaching somewhere between $50 million and $70 million. Cyber insurers cannot cover “whatever amount the hacker demands” – major policies have therefore lost money. Insurers have responded by raising premiums, restricting coverage, or even pulling out of the cyberinsurance game altogether in vulnerable markets.
Prior to 2017, most insurers covered ransomware under traditional P&C policies. Starting in 2020, several leading cyber insurers reported massive direct loss ratios for stand-alone cyber insurance policies and began to under-limit cyberextortion and ransomware policies and/or enforce coinsurance provisions, forcing the assured to share more of the risk.
Between rising costs and the evolving consequences of ransomware attacks, the cyber insurance industry is operating at a loss, forcing a market overhaul.
Why do you think businesses are unaware of the value of cyber insurance and what can be done to change that?
There are many reasons why organizations don’t take action. Even those who are aware of the value often do not purchase cyber insurance. Part of this is price, part of it is the “won’t happen to us” mentality, and increasingly coverage and exclusions severely limit value for customers.
According to a study from Hanover, 40% of American businesses have no cyber insurance or a limit of $1 million or less in an insurance policy. With ransomware attacks targeting a wide range of industries, from technology to critical infrastructure, cyber insurance is an integral part of a larger security strategy and must be integrated into the larger investment in security operations.
What should businesses be aware of and what should they ensure in order to get insurance coverage?
Coverage, prices and requirements. Companies must be prepared for major changes in each of them; some can be shocking. We have seen many examples of bonuses tripling.
Investigate other carriers, deductibles and levels of coverage early. Some of the policies are likely to include new or modified requirements for security tools and operational maturity. It is very common to have multi-factor authentication as a strict requirement. It cannot be implemented overnight.
Another common requirement is 24/7 security monitoring with logging. Comprehensive security operations platforms meet many of these requirements and can be integrated quickly.
How are security operations and the insurance industry linked?
Effective security operations are essential to minimize both the likelihood and the impact of a cyber attack. Disparate tools will not solve the efficiency problem facing organizations around the world, nor will they withstand the risk assessments and demands of external insurers. An effective security operations strategy provides risk managers with the foundation to negotiate confidently with insurers and define a long-term cybersecurity program that protects the entire business.
For insurers, it is possible to partner with security operations experts to extend their cybersecurity expertise, to enable more precise calculations for policyholders. Cyber insurers and security operations professionals must break silos and recognize that together they have a unique opportunity to coordinate effectively to better protect businesses.
What does the future hold for the insurance sector? How important is it for insurers to learn more about cybersecurity?
It is essential that insurers deepen their knowledge of cybersecurity. Providers that do so will be able to take full control of their policies. A better understanding of the cyber threat landscape will allow them to more accurately calculate the risks to policyholders and set a standard for businesses in risk assessment.
One of the biggest challenges facing insurers is the fear of subsidizing cybercrime. As insurers discover the landscape and partner with the judiciary and regulators, they can define the market that protects businesses, without subsidizing cyber extortionists.
Drastic changes are coming, otherwise the cyber insurance industry will continue to operate at a loss. It is essential that insurance providers partner with security organizations to protect businesses – cyber insurance is no longer a ‘good to have’, it is an important part of a larger security strategy.