Cyber Insurance and Ransomware

Secure Computer Screen

More organizations are purchasing cyber (aka cyber liability) insurance than ever before.  A 2021 survey by CIRA found that 6 out of 10 Canadian organizations (with in excess of 50 desktop computers) have cybersecurity insurance.  Out of those, 3 in 10 have a policy which is specifically for cybersecurity protection. 

One of the most common cybersecurity threats facing organizations is Ransomware. 

What Is Ransomware?

Ransomware refers to malicious software (malware) that threatens to expose, or limit access to, data or a computer system by encrypting it until the victim pays the attacker a price. The ransom demand is often accompanied by a deadline.  If the victim does not pay the specified amount promptly, the threat is that the data will be lost permanently, or the ransom will be increased

Ransomware has affected major corporations in both North America and Europe. Cybercriminals will target any individual or firm, and victims come from various industries.

Cyber Insurance and Ransomware

Most typical property and casualty policies did not cover Ransomware before 2017.  Beginning in 2020, several major cyber insurers reported high direct loss rates for solo cyber insurance policies, prompting them to limit cyber extortion and ransomware plans and/or implement co-insurance conditions, requiring the insured to bear more of the risk. 

Insurance companies have also become more demanding as to the security measures their customers must have in place to protect themselves.  If you have recently gone through the process of obtaining or renewing cyber liability coverage, you will have had to complete a more comprehensive questionnaire about what protections you have in place.  Based on your answers, in some cases expect coverage to be denied until your security gaps are covered. 

Cyber insurance is no more a ‘nice-to-have’ but an essential component of a comprehensive security plan.

What to Look For in Ransomware Cyber Insurance Coverage

Companies should seek ransomware coverage that employs broad vocabulary and protects against a variety of threats, including attempts to:

  • Access data on your network, including digital assets to be sold, disclosed, or misused.
  • Access software or programs to be altered, damaged, or destroyed.
  • Introduce harmful software, such as viruses and programming that propagates itself.
  • Harm or restrict access. Look for rules that include wide definitions, such as “threats to disrupt corporate operations.”
  • Pharming or phishing to impersonate insurance, to get sensitive information from its customers.
  • Make use of your network to spread malware.
  • Deface or meddle with the website of your firm.

How to Detect Ransomware and Protect Yourself from It

Prevention is better than the cure when it comes to ransomware protection. Regular employee training on how to spot suspicious online activity as well as good software tools to help prevent malware from entering your network are all important.  Having said this, even the finest preventive measures can fail.  Having a protected backup of your data is critical to recovering from a Ransomware attack. 

Conclusion

Before deciding on cyber insurance coverage, be sure to consult with an insurance broker knowledgeable in this area, to analyze all available choices.   Also keep in mind that in the battle against cybercrime, cyber insurance is just one component of a complete cyber security strategy. 

BSC Solutions Group offers a complete range of cyber security solutions to help your organization safeguard your data and privacy.  Book your Cyber Security Assessment today to learn how your organization stacks up against the threat of cyber attack.