What Insurers are Doing About Ransomware in 2022
Ransomware continues to be a major threat to many businesses. In Q3, 2021, cybercriminals made 190.4 million ransomware attempts, making it the highest quarter ever recorded by SonicWall, nearly overtaking the 195.7 million total ransomware attempts that took place in the first three quarters of 2020. Approximately 37% of global organizations were the victim of a ransomware attack in 2021. Since 2020, there have been over 130 strains of ransomware detected.
In 95% of cases where there were ransomware-related costs, the median loss was $11,150, although losses ranged from as low as $70 to as high as $1.2m. Obviously, you don’t want your business to suffer any financial losses as a result of a ransomware attack, but you certainly don’t want to risk a high cost. And the median loss is certainly that. If you don’t have adequate cybersecurity protocols in place, you could be the victim of multiple ransomware attacks, which could be extremely disruptive.
Insurance companies, however, can help protect enterprises from the threat of ransomware and the financial, operational, and reputational costs it entails. In 2022, we will see insurers playing a key role in this respect, as well as changing their practices.
Why Companies Need Cyber Insurance
Organizations must be prepared to deal with a ransomware attack. Cyber insurance can still help to mitigate cyber risks and liabilities. These include the costs associated with ransomware attacks, such as:
- Response costs
- Costs of retaining experts to help with the incident, investigation, and next steps
- Lost business income as a result of interruptions to networks or encryption
- Coverage for the ransom itself
Trends in Cyber Insurance in 2022
Cyber insurance claims in 2021 exploded and there is no sign of things slowing down in 2022. As a result of this, renewals are expected to be challenging, as insurers will be limiting aggregate exposure and enforcing stricter underwriting standards. For instance, nearly all cyber insurers are now increasing underwriting scrutiny and demanding more detailed submissions from their policyholders, including supplemental ransomware questionnaires or applications.
Also, many cyber insurers are imposing higher deductibles and sub-limits while significantly increasing premiums. Some insurers are limiting or eliminating certain types of coverage, such as coverage for state-sponsored attacks and social engineering fraud. An insurer might limit or exclude coverage for so-called ‘widespread events’, which apply when a single attack impacts multiple targets (both insured and not insured). An example of this would be an attack on supply chain software. Other cyber insurers are limiting coverage for contingent business interruption loss – those losses that result from a ransomware attack affecting another company’s system, on which you may rely to do business.
Forrester senior analyst Jeffrey Williams has stated:
“Cyber insurance has been an important tool since its introduction not long after the start of the dot-com bubble. But now ransomware attacks occur every 11 seconds and extortion demands have ratcheted up by 300% in just a single year, putting big dents in a once very profitable line. Cyber insurance premiums are up close to 30%, while the list of coverage limits and exclusions grows longer. More businesses might choose to self-insure or just go without.”
Meghan Hannes, vice president and cyber-product head at insurance provider Hiscox, notes “Some carriers are limiting ransomware coverage altogether,” adding that “ransomware makes up a large portion of our claims, both from a frequency and severity perspective.”
Despite the danger facing cyber insurers, digital insurance platforms (DIPs) will raise $20bn in 2022 as companies’ need and demand for technological transformations continue to disrupt the market and entice investors. DIPs raised $12bn in 2021 and $2.4bn, so clearly the demand for cyber insurance is stronger than ever.
According to market research from Forrester, one-third of insurers are also expected to increase their willingness to embed products within others’ ecosystems, so as to extend their product distribution.
How Organizations Can Get the Right Cyber Insurance
In this market, companies have to be mindful of potential gaps in coverage and should ensure that they obtain a tailored policy that meets their company’s insurance objectives. It is crucial that your organization uses sophisticated coverage counsel to help guide this process and review policies and quotes before you sign up for any coverage plan.
With many insurers now running from ransomware cover, it’s vital that you choose an insurer that will definitely protect you against this threat. AXA, for example, announced it would no longer reimburse cyber insurance policyholders in France if they chose to pay ransom demands to cybercriminals.
While it is understandable that insurers will want to limit their ransomware coverage, you want to find a cyber insurer who can protect you from the growing and severe threat of ransomware attacks. Be meticulous when you are looking at the details of any plan and compare different providers and plans, so that you can decide which one will offer you the most wide-ranging protection in the case of a ransomware attack.
Cyberlocke is a comprehensive, full-service IT services provider that architects and implements efficient and secure solutions for enterprise customers and their data centers. We specialize in security, cloud, managed services, and infrastructure consulting. Contact Us today to learn more.
