When Ransomware Attacks, Are You Ready to Respond?
With an alarming uptick in data breaches and ransomware in recent years, an increasing number of businesses are investing in cyber liability insurance to protect themselves from cyber-attacks.
According to Statista Cybercrime is up by 11% over last year. Clients are aware that it’s no longer a matter of if they get attacked, but when. In fact, cybercrime is set to cost companies $5 trillion in 2020. The average digital ransom for example is rising. With an estimated $8,100 price tag per incident, the total amount is staggering according to the article Ransomware Facts, Trends & Statistics for 2020 from Safety Detectives.
Companies are investing between $7.5-$10 billion this year in cyber risk insurance. Yet, when disaster strikes, rarely do these companies receive payouts. Why?
Cyber Liability Insurance, an Unregulated Market
Cyber threats, and especially ransomware are getting more sophisticated. As businesses’ technology footprint gets larger, more complex, and difficult to manage, the risk surface is getting larger. Add to that the fact that they rely more and more on contractors and managed service providers.
As the threat landscape continues to expand and ransomware is a common event, many insurance companies are restricting payouts by creating more claim exceptions and exclusions. Some of these are apparent, while others are hidden within confusing policy applications. As a result, many policy-holders are left holding the short end of the stick when the cyber liability insurance company disqualifies a claim.
Insurance companies offer payouts that only cover 2% of millions of dollars incurred in damages. Because the market is new and unregulated, the risk of wide-range multiple attacks across insurance customers is high. Add to that the blurred lines between property, auto, and cyber risk, and you get insurance companies that are hesitant to deliver payouts.
We will explore several aspects of compliance for cyber liability insurance. You will learn about all the necessary steps involved in complying with the policy requirements to make an undeniable claim for maximum payout.
Reasons Cyber Liability Claims Are Denied
If you are paying good money to cover your losses in the event of a breach, the last thing you want is a battle with the insurance company to collect when you file a claim. But the truth is, that having a compliance management system to regularly verify compliance with the policy, also reduces the likelihood that the company will ever need to file a claim in the first place. A compliance management system proactively discovers and exposes vulnerabilities that can be fixed to strengthen the IT environment and protect it from cybersecurity risks such as ransomware attacks.
With all the risks involved in following through on payouts, cyber liability insurance companies are padding their policies with coverage exceptions.