Cyber insurance is becoming more widely adopted, with 43% of businesses now holding a policy, and premiums have fallen for the first time this year, with the Global Insurance Market Index showing a decline of 6% over the last three quarters of 2024. This is due in part to the market maturing and providers becoming more accurate at assessing risk. Ransomware, supply chain attacks, business email compromise, data breaches, human factors and skills shortages were all seen as the key risks this year, with AI and geopolitics set to join the list as insurers seek to align policies with risk.

But the sector is also becoming more prescriptive over what is covered. Around a fifth of insurers elected to remove ransomware protection altogether in 2023, while others have chosen to cap payments. What’s more, some of these attacks could be classed as cyber warfare if they are deemed to have been carried out by or sanctioned by a nation state actor. In fact, Lloyd’s of London issued a statement to this effect last year, stating that certain policies should include a clause that excludes liability for losses arising from any state-backed cyber attack. For this reason, it’s imperative that businesses read the terms and conditions of their policy and pay attention to any changes, which insurers typically make on an annual basis.

Reading the fine print

Unfortunately, many businesses are not familiar with the cover they are afforded. A survey conducted by Apricorn of IT security decision makers in mid-2024 found that 7% of those questioned were unsure whether their policy covers them adequately in the event of a cyber breach. Others found they were unable to make a claim, with 8% proving unsuccessful in claiming financial assistance from their insurer. However, they were all too aware of what they wished to guard against, with 31% naming ransomware as a top concern when seeking cover, followed by phishing and supply chain attacks.

Insurers are also becoming more exacting in their requirements when it comes to the security measures that the business should adopt to meet policy requirements. 

They’ll often want to see how the business plans to protect its data through the use of encryption, access controls and secure storage, for example, as well as the incident response plan which should include provisions for recovery to help the business resume operations. 

Key to this ability to recover is the backup strategy, yet surprisingly few have a multi-layered backup plan that is tried and tested. Ideally, the business should follow the 3-2-1 rule and have at least three copies of data, stored on at least two different media, one of which should be offsite. One copy of the data should be offline, for example, on an encrypted removable hard drive that can be disconnected from the network. And the strategy should be tested on a regular basis to ensure data can be retrieved.
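As an added illustration (not part of the original article), the Python sketch below checks a backup inventory against the 3-2-1 rule with an offline copy, and runs a restore test by comparing SHA-256 hashes of restored files against a manifest taken from the source data. The `BackupCopy` record, the 90-day test window, and all file names and dates are constructed assumptions.

```python
import hashlib
import tempfile
from dataclasses import dataclass
from datetime import date, timedelta
from pathlib import Path
from typing import Optional


@dataclass
class BackupCopy:            # hypothetical inventory record, not a real tool's schema
    name: str
    media: str               # e.g. "disk", "cloud", "removable-hdd"
    offsite: bool
    offline: bool            # disconnected from the network when not in use
    last_restore_test: Optional[date]


def check_3_2_1(copies, today, max_test_age_days=90):
    """Return findings against the 3-2-1 rule; an empty list means it passes.
    The 90-day window is an assumption; the article only says "regular"."""
    findings = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies, need at least 3")
    if len({c.media for c in copies}) < 2:
        findings.append("fewer than 2 different media")
    if not any(c.offsite for c in copies):
        findings.append("no offsite copy")
    if not any(c.offline for c in copies):
        findings.append("no offline copy")
    cutoff = today - timedelta(days=max_test_age_days)
    for c in copies:
        if c.last_restore_test is None or c.last_restore_test < cutoff:
            findings.append(f"{c.name}: no restore test since {cutoff}")
    return findings


def build_manifest(root):
    """Map relative path -> SHA-256 for every file under root (whole-file reads)."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_restore(manifest, restored_root):
    """Compare a restored tree with the manifest taken before the backup."""
    restored = build_manifest(restored_root)
    missing = sorted(set(manifest) - set(restored))
    corrupt = sorted(k for k in manifest if k in restored and restored[k] != manifest[k])
    return {"missing": missing, "corrupt": corrupt,
            "complete": not missing and not corrupt}


def demo_inventory():
    today = date(2025, 1, 15)                      # constructed sample data
    weak = [BackupCopy("central-repo", "disk", False, False, date(2024, 12, 1)),
            BackupCopy("cloud-repo", "cloud", True, False, None)]
    fixed = [weak[0],
             BackupCopy("cloud-repo", "cloud", True, False, date(2024, 11, 20)),
             BackupCopy("removable-hdd", "removable-hdd", False, True, date(2025, 1, 2))]
    return check_3_2_1(weak, today), check_3_2_1(fixed, today)


def demo_restore_test():
    """Simulate a partial restore: one file missing, one file with stale content."""
    with tempfile.TemporaryDirectory() as tmp:
        src, rst = Path(tmp, "source"), Path(tmp, "restored")
        files = {"db/customers.sql": b"constructed rows", "docs/policy.txt": b"v2",
                 "notes.txt": b"ok"}
        for rel, data in files.items():
            for root in (src, rst):
                (root / rel).parent.mkdir(parents=True, exist_ok=True)
                (root / rel).write_bytes(data)
        manifest = build_manifest(src)
        (rst / "db/customers.sql").unlink()
        (rst / "docs/policy.txt").write_bytes(b"v1")
        return verify_restore(manifest, rst)


if __name__ == "__main__":
    print(demo_inventory())
    print(demo_restore_test())
```

A restore that only partially succeeds shows up as non-empty `missing` or `corrupt` lists, so the result of each test can be kept as evidence of when recovery was last verified.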

Too many are unable to recover data

The Apricorn survey found that half of those questioned had to resort to recovering data from backups over the past year. Of these, a third (33%) were either unable to do so or could only partially recover their data, illustrating that weak backup processes remain. This is in spite of the fact that almost half (46%) consider robust backup policies to be the most important factor when it comes to compliance with cyber insurance policies, up from 28% in 2023. 

Other key considerations when it comes to meeting insurance demands cited by respondents were password hygiene (41%) and employee training and awareness (43%). These efforts, combined with encrypted storage (both at rest 35% and on the move 39%), regular patch updates (35%) and access controls (36%), were all regarded as essential components of a robust cyber defence strategy.

What the survey reveals, therefore, is that businesses are aware of what measures they need to have in place but they’re not always blast testing those processes. The tide is turning with the implementation of more robust backup practices but it’s doing so at too slow a pace. There has been a significant increase in automated backups, for instance, indicating a move away from manual backups, which can see users either forget to save data or make mistakes in doing so. Automated backup to both central and personal repositories has surged to 30%, up from 19% in 2023.

Attacks against backups are on the increase

However, threat actors have been quick to exploit this reliance on repositories. The 2024 Ransomware Trends report found that 96% of ransomware attacks are now aimed at these repositories. This makes it even more critical that companies don’t just rely on these online locations but have air gapped or offline backups of their data. 

Looking to the future, it’s imperative that the cyber insurance sector and their business clientele collaborate more if we are to see premiums reflect and protect against threats accurately and at a sustainable price point. We need to see more transparent policies that adopt clear wording and address current and emerging threats on the insurance side and we need to see organisations not just pay lip service to policy requirements but actively test and add contingency storage on the part of the enterprise. 

Cyber insurance should never be a substitute for risk assessment but should instead be seen as a means of guarding against residual risk once measures have been enacted. Any breach will still result in considerable cost and expense caused by loss of business and reputation, recovery efforts and reporting so reducing the likelihood of it happening is in everyone’s interests.

 

The post Could better backups reduce cyber insurance premiums? appeared first on Cybersecurity Insiders.

Patelco Credit Union Hit by Ransomware Attack Affecting 726,000 Customers

Patelco Credit Union, a U.S. nonprofit financial institution, has disclosed a ransomware attack that compromised its IT systems on June 29 of this year. The attack was carried out by a ransomware group known as RansomHub. The breach resulted in the exposure of sensitive information, including full names, Social Security numbers, driver’s license details, dates of birth, email addresses, and other personal contact information of 726,000 customers. Patelco is advising affected individuals to sign up for free credit monitoring services offered by Experian. The credit union also cautions customers to avoid sharing credit card details, CVVs, PINs, and expiration dates with anyone posing as bank or company officials to prevent falling victim to scams or fraud.

ARRL Pays $1 Million Ransom After Ransomware Attack

The American Radio Relay League (ARRL), a national association for amateur radio enthusiasts, has made headlines by paying a $1 million ransom following a ransomware attack in May. The attack encrypted files across several desktops and laptops running on both Linux and Windows systems. As ARRL had an insurance policy in place, the organization opted to pay the ransom, with plans to recover the amount through its insurance claim. Although law enforcement generally advises against paying ransoms, many organizations find it financially viable to do so when recovery costs exceed the losses from the attack.

Decline in Cyber Insurance Premiums Despite Rising Ransomware Threats

The frequency and sophistication of ransomware attacks are on the rise, yet the 2024 Cyber Insurance report by Howden reveals a surprising trend: cyber insurance premiums are decreasing. This decline may be attributed to enhanced cybersecurity measures, increased competition among insurance providers, and market expansion. However, concerns about coverage specifics and general distrust among potential policyholders remain. To address these issues, it is advisable for individuals and organizations to carefully review insurance policies, seek clarification from providers, and fully understand the coverage terms to mitigate misunderstandings and uncertainties.

The post Ransomware news headlines trending on Google appeared first on Cybersecurity Insiders.

Businesses are increasingly recognizing the critical need to enhance their cybersecurity defenses amid today’s evolving cyber landscape. Consequently, they are strategically investing in fortifying their existing infrastructure. This proactive approach has led to a notable decline in demand for cyber insurance across the UK.

According to a study conducted by cyber insurance firm Howden, the COVID-19 pandemic initially caused a surge in insurance prices throughout 2021 and 2022. However, as economic activities gradually resumed and profit margins improved, organizations found incentive to strengthen their IT defenses tailored to their specific requirements, thereby reducing reliance on insurance coverage.

Howden highlighted that companies implementing robust security measures such as multi-factor authentication have significantly bolstered their resilience against cyber threats. This proactive stance has mitigated the necessity for insurance coverage to protect IT assets.

Moreover, the study unveiled an unexpected insight: the invasion of Ukraine by Russia has coincided with a decline in ransomware attacks. This correlation is attributed to many ransomware groups, predominantly based in Russia, potentially redirecting their focus towards military activities, thereby postponing or decreasing their digital attack efforts.

For businesses deliberating whether to invest in cyber insurance, Howden’s experts offer valuable advice. A comprehensive cyber insurance policy can mitigate the financial impact of cyber incidents by covering costs incurred during and after an attack. This includes expenses related to downtime, recovery efforts, data loss, and potentially legal liabilities from affected stakeholders.

However, securing these benefits entails significant premium payments, which necessitate substantial budget allocations within IT departments. Organizations must ensure adequate financial readiness to support these expenditures to fully leverage cyber insurance protections.

The post Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure appeared first on Cybersecurity Insiders.

Cyber insurance provides financial protection for businesses in the event of a cyber attack. However, despite its benefits, there are several drawbacks to consider before committing to a policy. Here are some key disadvantages:

Evolving Cyber Threats: The landscape of cyber threats is constantly changing as cybercriminals develop new tactics to exploit vulnerabilities. This poses a challenge for insurance providers, as it may be difficult to accurately predict and cover the financial impact of emerging threats. As a result, coverage gaps may arise, leaving policyholders vulnerable to losses that are not adequately addressed by their insurance policies.

Lack of Standardization: Unlike other forms of insurance, such as health or auto insurance, there is no standardized framework for cyber insurance policies. Each provider offers its own terms and exclusions, making it challenging for businesses to compare and select the most suitable coverage. It is essential for businesses to carefully review and understand the terms of any policy before making a decision.

Limited Coverage: Many cyber insurance policies offer limited coverage for certain expenses associated with a cyber attack, such as data restoration, business disruption, and legal fees. Some policies may only cover business disruption costs, leaving businesses responsible for other expenses. It is important for businesses to assess their potential liabilities and ensure that they have adequate coverage for all potential costs.

Vulnerability Assessment: Insurance providers often require businesses to undergo a vulnerability assessment to determine their level of risk exposure. This may involve evaluating the organization’s existing security measures and identifying any vulnerabilities that need to be addressed. While this assessment can help insurers calculate premiums more accurately, it may also result in higher premiums for businesses with greater risk exposure.

Premium Costs: The cost of cyber insurance premiums can be prohibitive for many small and medium-sized businesses (SMBs). Insurers take into account factors such as the organization’s size, industry, and security posture when calculating premiums, which can result in higher costs for businesses with limited resources. As a result, some SMBs may choose to forego cyber insurance coverage altogether, exposing themselves to significant financial risk in the event of a cyber attack.

In conclusion, businesses should carefully consider the potential drawbacks of cyber insurance before purchasing a policy. By thoroughly evaluating their coverage needs and consulting with insurance providers, businesses can make informed decisions that mitigate their cyber risk exposure effectively.

The post Disadvantages of Cyber Insurance appeared first on Cybersecurity Insiders.

In the age of digitization, securing IT assets through insurance coverage presents a challenge, particularly in convincing board members to allocate funds for cybersecurity. However, the investment yields significant benefits, as outlined below:

Comprehensive Coverage: Cyber insurance shields businesses from various repercussions following a cyber attack, including financial losses, legal fees, and recovery expenses. It’s essential to scrutinize policy details, as coverage may vary based on premium amounts.

Compensation for Downtime: IT infrastructure disruptions can lead to substantial revenue losses during downtime. A single attack can cost a business an average of $1 million.

Protection Against Ransomware and Phishing: Ransomware and malware attacks can jeopardize businesses, with some unable to recover financially and forced to shut down permanently. Certain insurers cover costs associated with such attacks, including downtime losses, security expert hiring, ransom payments, and data recovery, provided businesses carefully review coverage terms.

Support for IT Staff: Cyber attacks can induce significant stress among IT professionals, with some studies even linking them to suicidal tendencies. Insurance coverage can provide financial support, helping individuals cope with emotional stress.

Reputation Management: Insurance coverage can safeguard a company’s reputation amid social media speculation following an attack. Competitors and malicious actors may attempt to tarnish a business’s image, but insurance can mitigate such risks. Some insurers even offer negotiation services with hackers, facilitated by forensic experts, as a last resort to resolve threats.

Investing in cyber insurance not only mitigates financial risks but also provides crucial support in navigating the complexities of cyber threats in the digital era.

The post Five 5 benefits of having a cyber insurance cover on hand appeared first on Cybersecurity Insiders.

In an era dominated by digital transactions and interconnected networks, the importance of cyber insurance cannot be overstated. Cybersecurity threats loom large, making it crucial for businesses to not only invest in robust preventive measures but also secure a comprehensive cyber insurance policy. However, the real test comes when a cyber incident occurs, and it’s time to make a claim.

Here are some essential tips to navigate the process successfully:

1. Understand Your Policy: Before a cyber incident occurs, thoroughly review your cyber insurance policy. Understand the coverage limits, exclusions, and specific requirements for filing a claim. This proactive approach ensures that you’re well-prepared and can expedite the claims process.

2. Prompt Reporting: Immediate reporting of a cyber incident is crucial. Insurance providers often have specific timelines for reporting, and delayed notifications may affect the processing of your claim. Establish clear internal procedures for reporting incidents promptly to both internal stakeholders and the insurance company.

3. Document Everything: Detailed documentation is the key to a successful claim. Keep records of the incident, including the timeline of events, actions taken to mitigate the impact, and any communication with third parties. This documentation not only supports your claim but also helps in the investigation process.

4. Engage with Law Enforcement: In cases of cyber-crime, involving law enforcement can strengthen your claim. Coordinate with relevant authorities and obtain official reports, as this can bolster your case and provide evidence for the insurance company.

5. Cooperate with the Insurer: Establish open lines of communication with your insurance provider. Cooperation and transparency are vital during the claims process. Keep the insurer informed of any developments and promptly provide any requested documentation or information.

6. Work with Cybersecurity Experts: Engage with cybersecurity professionals to conduct a thorough investigation into the incident. Having experts validate the impact of the breach or attack adds credibility to your claim and ensures that all relevant information is presented accurately.

7. Quantify Losses: Clearly quantify the financial losses incurred due to the cyber incident. This includes direct costs such as system repairs, legal fees, and public relations efforts, as well as indirect costs like business interruption and reputational damage. Accurate documentation strengthens your case during the claims evaluation.

8. Review and Update Security Measures: After an incident, take proactive measures to enhance your cybersecurity posture. Insurance providers may require policyholders to implement specific improvements as a condition for coverage. Regularly updating and strengthening security measures demonstrates a commitment to risk mitigation.

9. Legal Counsel: In complex cases, consider seeking legal advice to navigate potential legal implications and obligations. Legal counsel with expertise in cyber insurance can provide valuable insights and ensure that your interests are protected throughout the claims process.

10. Post-Incident Review: After the claim is settled, conduct a comprehensive review of the incident and the claims process. Identify lessons learned and areas for improvement in your cybersecurity strategy and insurance coverage. Use this information to enhance your overall risk management approach.

By following these tips, businesses can position themselves to effectively claim their cyber insurance coverage in the event of a cyber incident, minimizing financial losses and mitigating potential long-term impacts on their operations.

The post Essential Tips for Claiming Cyber Insurance Coverage appeared first on Cybersecurity Insiders.

Over the past two years, security analysts have been discussing the impact of cyber insurance on ransomware attacks. There have been claims that companies covered by cyber insurance end up paying higher amounts to hackers who launch such attacks. Tech platforms like Quora and Reddit have even allowed discussions on which cyber insurance covers attract the most criminals, adding fuel to the debate.

To address these concerns and put an end to speculative discussions, the National Cyber Security Centre (NCSC) partnered with the Research Institute for Sociotechnical Cyber Security to conduct a comprehensive study. The aim was to investigate whether having insurance coverage influences cyber criminals to demand more from their victims and whether insurance companies secretly pay commissions to these criminals for demanding higher ransoms.

After meticulous research and analysis, the joint report from NCSC and the Research Institute revealed that there is no “compelling evidence” suggesting that ransomware attack victims with cyber insurance end up paying more than those without any insurance coverage. The findings indicated that being covered by a cyber insurance policy did not significantly impact the ransom amounts paid by the victims.

Furthermore, the evidence collected during the study did not indicate any suspicious collaboration between insurance companies and ransomware spreading criminals. There were no indications that these companies incentivize or encourage hackers to demand higher ransoms from insured victims to maximize their own benefits.

In response to the growing concern over ransomware threats, British officials from Whitehall have initiated discussions on a Counter Ransomware initiative. They recognize that various government departments face acute digital threats and are actively seeking measures to combat cybercrime. The British Parliament, in collaboration with the NCSC and other government partners, is working to implement effective strategies to counter this rising cyber threat, which poses significant challenges to businesses and organizations operating in the country.

While concrete actions are being taken to address the issue, it remains crucial to safeguard IT assets from file encrypting malware threats. Additionally, efforts must be made to ensure that insurance firms do not engage in any collusion with criminals, ensuring a more secure and resilient cybersecurity landscape for businesses and individuals alike.

The post Report says no evidence that cyber insurance coverage makes victim pay more appeared first on Cybersecurity Insiders.

Insurance companies like Lloyd’s offer cyber insurance policies that cover a business against losses during a cyber-attack. However, in the coming days, cyber attacks will become uninsurable, according to Mario Greco, the Chief of Zurich Insurance.

Mario, who leads one of Europe’s biggest insurance firms, predicted that digital attacks will lose their sheen with time, as businesses facing such threats cannot be monetarily covered, for multiple reasons.

Climate change and pandemics have already squeezed the most out of the health sector, and in the coming days the time seems apt for the cyber sector.

As government-funded hacking groups get involved in such threats from time to time, the threat landscape looks set to turn irrational in times to come.

Attacks on hospitals, shutdowns of fuel supply, and disruption of critical infrastructure, such as cutting power and water supply, will turn into a trend as countries keep going after one another.

Spiraling costs from cyber losses have prompted sector underwriters to tweak their coverage against losses. And this is where it is making insurance seekers wise, as they want all of their IT components covered with no exceptions and end up paying double or triple the current premium.

Fairness seems to be equally balanced on both sides, as the two involved parties want to be proactive before anything goes wrong.

So, will cyber insurance vanish with time?

Not exactly, say experts, as a company can still make profits if it charges a hefty premium and technically covers the prevailing threats in the current cyber landscape. But the same doesn’t seem to be true of ransomware: what if the NotPetya malware strikes an entire country at once, locking down systems in a geographical region forever?

Covering such e-pandemic related losses will be next to impossible, won’t it?

 

The post Insurance cover becoming impossible for Cyber Attacks appeared first on Cybersecurity Insiders.

Cyber Insurance premiums are becoming dearer and the reason for such a rise is claimed to be sophistication in attacks that are making mitigation and recovery expensive. Most companies are showing laxity in following basic cyber security hygiene, leading to a surge in cyber-attacks and data breaches.

Marsh’s Market Index shows the cyber insurance market in the United States will surge 100 percent year on year by the end of 2022. And in coming months, there might be a 70% increase in cyber claims, leading to an increase in premium costs of 20-30%.

Lloyd’s claims that companies witnessed losses on products between 2018 and 2019 because of ransomware attacks. And after the lockdown, when companies were finding it difficult to cope with the lockdown losses, the number buying insurance came down by 34%. This can be due to budget issues, lack of awareness, a kind of illusion that no one will target their small firm and, last but not least, trouble in having the right people on hand to advise on what is prevailing in the current cyber landscape.

So, is the trend of rising insurance costs going to be witnessed in the coming years?

Well, yes, companies should brace for rising costs if they desire to keep their IT infrastructure insured against many hacks, especially ransomware attacks. Before getting a quote, they need to be specific about what needs to be covered under cyber insurance and what needs to be excluded.

It is better to go for a policy that covers losses incurred through ransomware attacks, as estimates suggest they might touch a double-digit figure ranging in millions pretty soon, and can lead to a business winding up permanently.

 

The post Premium for Cyber Insurance has soared over the past few years appeared first on Cybersecurity Insiders.

Lloyd’s London, one of the largest insurance services providers in the world, has disclosed that it is making amendments to its cyber insurance laws that will come into effect from March 2023. And as per the latest, all risks emerging from cyber attacks that are funded by nations will be excluded from the cyber insurance policies and the new rule will apply to all the new policies and the about-to-be renewed ones.

Lloyd’s decision came after reviewing the consequences of the ongoing digital war between Russia and Ukraine. It also added in its latest update that such threats are causing systemic risks to the entire insurance market and, to mitigate the risks, it has excluded state-sponsored cyber attacks from its coverage policy.

All insurance companies exclude the risks arising from war-like situations, and so does Lloyd’s, which sent a memo to the company’s 75 insurance syndicates.

It’s obvious and expected, say some veterans of the security industry. Frederick Pennington, who led a multinational technology firm as CTO until 2020, felt that companies are becoming cautious about what to cover and what not to, given the risks associated with cyber attacks.

During a recently held RSA Conference, Rob Joyce, the director of NSA, also stated the same in one of his tweets, which was rather sarcastic.

Rob concluded that insurance companies will find it tough to tell apart attacks that are state funded from those that are launched by individuals.

Usually, such threats are identified by the level of sophistication with which they are launched. However, most threat groups, such as the ones spreading ransomware, are becoming so sophisticated that it’s becoming hard to tell whether they are launched by Advanced Persistent Threat (APT) groups.

NOTE: Attribution of attacks to nations is hard to prove and will never stand in a court of law. So, such amendments might pave the way for challenges from customers, especially from those whose renewal is pending.

 

The post Lloyd’s excluding nation-state cyber attacks from Cyber Insurance appeared first on Cybersecurity Insiders.