The cyber security insurance market is evolving amidst an increase in ransomware demands and payments. Insurance companies have been taking on unmitigated risk, but as we begin to better understand the threats, insurers are moving the risk over to the subscribers, requiring stricter controls.
Cyber Security Insurance Companies Requiring Stricter Controls
Cyber security insurance companies are changing their approach to dealing with ransomware. ZDNet claims that ransomware accounted for 41% of all cyber insurance claims in the first half of 2020, with claims ranging in size from $1,000 to over $2 million per ransomware incident. Out of all the cyberattacks in 2019, the attacks from the malware known as ransomware increased to 62%, up from 56% the previous year. The latest studies indicate there is one attack every 39 seconds, with demands for payment increasing year over year and at high volume, especially since RaaS (ransomware-as-a-service) operators adopted big-game hunting (BGH) tactics, that is, targeting enterprises. Whether the target is a small business or a large enterprise, attackers have had an 80% rate of success. These statistics are alarming to the insurance industry, and they should be.
To date, cyber insurers have not had strict requirements to underwrite a policy. This is very different from, let’s say, insuring an office building or your home against fire. It is best practice to have fire insurance, but to get coverage, the building owner or managers need to mitigate fire risk and install a sprinkler system. If they don’t, the insurer will demand that the system be installed before it accepts the risk and provides the coverage needed. Similarly, cyber insurance brokers are further examining the risks they take and are beginning to push additional control measures to help mitigate ransomware risk. Underwriters are catching up with the myriad changes happening in the data center and, just like the security professional, they too are at a critical moment as this landscape evolves. “The cyber insurance market has rallied around the need for more sophisticated ways to mitigate ransomware,” said Mr. Maher, North America Cyber, AXIS Insurance (Insurancebusinessmag.com/us/ib-talk).
What does all this mean for the IT professional?
Cyber insurers see the value of claims rising because of malicious attacks, especially because of RaaS, and are seeking to impose changes, such as a set of minimum standards, before they underwrite cyber insurance. If you don’t meet their minimum required controls, they won’t grant the policy until you do. Accordingly, to mitigate effectively, the following standards are being proposed as a good start:
This list is not exhaustive; cyber security best practices recommend implementing anti-virus protection and encryption as techniques to enable controls. See the Cybersecurity & Infrastructure Security Agency's ransomware guidelines at CISA.GOV for a complete list.
Savvy Security Professionals Keep Copies of Data Offline and Offsite
Some of these standards are in addition to the customary approach to data protection and network security. Based on the forensic data available, we know that more network and backup controls are necessary, because criminals are penetrating networks and going undetected for many days, even months, using sophisticated methods that could be countered with known security techniques. It’s not a straightforward formula for insurers either. They also have OFAC requirements and advisories that must be met, and depending on who the threat actor is or what country they’re operating from, they may exclude coverage. This is bad news for the insured and is one more reason why savvy security professionals keep copies of data offline and offsite and understand that mitigating ransomware risk requires more than buying a cyber insurance policy. How can brokers and cyber insurance underwriters help stop this vicious cycle? By demanding stricter guidelines for coverage.
Quantum Solutions Help Organizations Mitigate Ransomware Risk
Quantum offers solutions to help you mitigate the risk of ransomware. You can rely on our ActiveScale object storage platform to secure data in flight and at rest with encryption and to further protect data against ransomware with Object Lock capability. Object Lock policy for retention and immutability, once set, can’t be modified, even with administrative permissions.
Our Scalar tape libraries with Active Vault technology protect data against ransomware with true air-gap protection and multi-factor authentication. The tape library with Active Vault creates an offline partition, with an automated robot moving tape cartridges from a network-connected partition to a vault partition. Quantum’s solutions have been designed to help organizations mitigate ransomware risk and comply with new cyber insurers’ demands. With that in mind, Quantum created simple and complete Ransomware Protection Packages that include all the security features needed to air-gap and securely vault your data, making your backups and long-term storage immutable. Check out our Ransomware Protection Packages here.
Great post, very informative.
Cybercrime is becoming more and more relevant, even for other areas as cyber security.
A great explanation of this ever changing landscape and the solutions available.