When Ransomware Attacks, Are You Ready to Respond?

With an alarming uptick in data breaches and ransomware in recent years, an increasing number of businesses are investing in cyber liability insurance to protect themselves from cyber-attacks.

According to Statista, cybercrime is up 11% over last year. Clients are aware that it’s no longer a matter of if they get attacked, but when. In fact, cybercrime is set to cost companies $5 trillion in 2020. The average digital ransom, for example, is rising: with an estimated $8,100 price tag per incident, the total amount is staggering, according to the article Ransomware Facts, Trends & Statistics for 2020 from Safety Detectives.

Companies are investing between $7.5 and $10 billion this year in cyber risk insurance. Yet, when disaster strikes, these companies rarely receive payouts. Why?

Cyber Liability Insurance, an Unregulated Market

Cyber threats, and especially ransomware, are getting more sophisticated. As businesses’ technology footprints grow larger, more complex, and harder to manage, the risk surface grows with them. Add to that the fact that businesses rely more and more on contractors and managed service providers.

As the threat landscape continues to expand and ransomware has become a common event, many insurance companies are restricting payouts by creating more claim exceptions and exclusions. Some of these are apparent, while others are hidden within confusing policy applications. As a result, many policyholders are left holding the short end of the stick when the cyber liability insurance company disqualifies a claim.

Insurance companies offer payouts that cover only 2% of the millions of dollars incurred in damages. Because the market is new and unregulated, the risk of multiple wide-ranging attacks across insured customers is high. Add to that the blurred lines between property, auto, and cyber risk, and you get insurance companies that are hesitant to deliver payouts.

We will explore several aspects of compliance for cyber liability insurance. You will learn about all the necessary steps involved in complying with the policy requirements to make an undeniable claim for maximum payout.

Reasons Cyber Liability Claims Are Denied

If you are paying good money to cover your losses in the event of a breach, the last thing you want is a battle with the insurance company to collect when you file a claim. But the truth is that having a compliance management system to regularly verify compliance with the policy also reduces the likelihood that the company will ever need to file a claim in the first place. A compliance management system proactively discovers and exposes vulnerabilities that can be fixed to strengthen the IT environment and protect it from cybersecurity risks such as ransomware attacks.

With all the risks involved in following through on payouts, cyber liability insurance companies are padding their policies with coverage exceptions.

  • Limited coverage – Most insurance policies are limited to covering cyber-attacks and unauthorized activity but do not cover errors or omissions. When deciding whether to pay out a claim, an insurance company could simply point out a failure to report a change in the IT environment.
  • Time limitations – Most claims are limited to paying out losses incurred during the network interruption caused by the cybersecurity event, and not for the entire period that operations have been interrupted.
  • Third-party woes – Claims involving contractors and outsourced service providers are routinely denied because of accountability and permissions management of critical and sensitive service accounts.

What are your responsibilities when investing in cyber liability insurance?

It is the responsibility of the company investing in cyber liability insurance to read the fine print. Look for other legalese that is designed to minimize payouts and boost the loss ratio. The loss ratio, the ratio of premiums to payouts, is the profit motive driving cyber liability insurers.

Receiving a fair payout requires education, preparation, and documentation. It all starts with raising awareness about the risk of lower payouts and putting a plan in place to mitigate that risk. This can be done by putting in place a compliance management system that provides timely alerts about potential risks. Taking corrective action on these items is key to a favorable outcome in case of a claim.

The Top 5 Reasons Cyber Liability Claims Are Denied

  1. Companies Have Poor Prevention Practices in Place – The number one reason insurance companies deny claims is that clients failed to comply with the insurance policy’s practices for securing data. As a result, the company is exposed to ransomware attacks and other threats. MSPs can help clients address this by coaching them to adopt compliance measures.
  2. Companies Fail to Document Preventative Measures – The key to ensuring insurance payouts is documentation before disaster strikes. The process of securing documentation is tedious. A compliance solution like Compliance Manager can streamline this by automating compliance documents, screenshots, and data.
  3. A Third Party or Contractor Is at Fault – Ongoing assessments can help identify and fix security gaps before threat actors gain a foothold.
  4. Accidental Errors and Omissions – By processing information and data in detailed reporting, clients can tell their story coherently. You can use compliance software to supply and record accurate data in advance. That way, if a cybersecurity disaster occurs, providing compliance documentation becomes much easier.
  5. Coverage Doesn’t Extend Beyond Interruption Time Frame – This is an opportunity to educate your clients on contracts and provide added value for them. Cyber liability insurance plans vary and advising your customers to pay close attention to coverage timeframes could mean the difference between covering all their losses versus just a small percentage.

When you are aware of and understand the process of securing fair payouts, you can ask your IT department or MSP to take the necessary steps to secure your environment. The first thing you should take into consideration is reporting. Most cyber liability insurance plans won’t pay out unless proper documentation of compliance efforts is made available.

Reporting: Proving Prevention to Assure Payouts

The top challenge associated with cyber liability insurance payouts is proof. Delivering reports that show due care to maintain a secure environment is one way to help your customers get paid.

A compliance solution, such as Compliance Manager by SotoNets Cloud Solutions can walk you through all the necessary steps involved in compliance reporting. With built-in application questions taken directly from dozens of the largest cyber insurance companies, there’s no guesswork when it comes to compliance with the policy terms.

This type of solution quickly reveals specific red flags that, once addressed, may prevent a ransomware attack in the first place. It will also help you get paid in the event of a claim, and it prescribes a corrective path. Then, if you ever do have the need to make a claim, you’ll have proof of the due care necessary to compel the insurance company to pay.

Building out bulletproof evidence in your favor ahead of time will help make an undeniable claim for maximum payout. Reporting, when coupled with detailed compliance, is essential in recuperating costs from an attack.

5 Ways to Stay Compliant with Cyber Liability Insurance Requirements

  1. Understand your cyber liability insurance contract – It’s up to you and the managed IT service provider to read the fine print of the insurance policy and understand the ramifications. With the sharp rise in unpaid claims in the last year, it’s likely you will encounter pushback from your insurance company when filing a claim.
  2. Compliance Assessment – One powerful way to stay prepared is with compliance assessments. Understanding the IT environment is key to developing an effective compliance plan. Once you understand the landscape and environment you are working with, you can address misalignments between existing procedures and insurance policies. The assessment should include reports that itemize risk areas.
  3. Remediation Services – Once the cybersecurity assessment is completed, you need to engage your IT department or managed service provider to implement remediation measures to secure your IT infrastructure against attacks. This is the most effective way to increase your credibility and demonstrate compliance with the insurance company.
  4. Compliance-Specific Documentation – When a disaster such as a ransomware attack strikes and you need to file a claim, the insurance company will require fine-grained, policy-specific documentation. Compliance Manager by SotoNets Cloud Solutions can deliver this on a highly technical level, free of human error.
  5. Make Sure You Have the Right Coverage – If your company doesn’t yet have cyber liability protection, you need to talk to an insurance broker that can offer specialized cyber liability insurance. Our solution is designed to work with the leading insurance companies that offer products in this area. If you already have a policy, ask about a supplemental policy that expands the coverage to include the cost of the remediation work that your managed services provider will have to do in the event of a breach.

In Conclusion

Staying on top of the compliance requirements will ensure that there is less resistance from the insurance company when making a claim. This has to be ongoing and reviewed periodically to fill any gaps.

When a compliance management system is in place to regularly verify compliance with the policy, it proactively discovers and exposes vulnerabilities. Read our next article, Compliance-as-a-Service Manager, to learn how to automate compliance. Your IT department or managed service provider can fix the issues to strengthen the IT environment and protect it from cybersecurity threats.

And when it’s time to renew your insurance, make sure that the renewal contract is reviewed as carefully as if you were signing a new contract.
