Thanks to the high-profile malware WannaCry and NotPetya, the threat of ransomware has re-entered the public consciousness. With its ability to render an infected system inert until users pay off the cybercriminals responsible with a hefty ransom, ransomware can cause huge losses for businesses.
Although both malware have been contained to a degree, the threat of another, much deadlier, ransomware remains. Even if software and cybersecurity developers patch their systems to better withstand data breaches, hackers will attempt to keep up and abuse the next vulnerability they find. Also alarming is that people will continue to be victimized, according to a survey recently conducted by the Centre for International Governance Innovation (CIGI) and Ipsos, which found that 24% of individuals said they would have no idea what to do if their computers were affected by ransomware.
It is not enough for businesses to have a cybersecurity system in place – insurance will be needed to cover for any shortcomings.
“There are lots of other features in a cyber policy,” explained
Chubb Canada vicepresident, media and cyber liability product manager Matthew Davies. “It can help organizations respond to ransomware and extortion threats. Ransomware is quite common these days and it can affect any size of business. A cyber policy would help to cover the costs of a ransom demand, as well as deal with instances of corrupt or destroyed data.” But on top of offering cyber coverage to their clients, how exactly should insurers respond to the ransomware trend?
Underwriters need to understand that demand for their services will increase proportionally to the demand for cyber insurance. Symantec Corporation vicepresident and general manager of cyber insurance Pascal Millaire warned that “a fundamental labour supply/demand mismatch” could arise if underwriters are unable to properly serve their clients.
“Going forward, there will be a need for more technology-enabled tools to streamline the underwriting process and supplement decisions with readily consumable underwriting data,” Millaire said.
For brokers, it means staying on top of the increasing complexity of ransomware and other malware. This means keeping up to date with major cybersecurity events and also tracking regulatory changes to breach notifications.
Brokers must also educate their clients on the
advantages of having a cyber policy.
“Cyber is very topical at the moment,” said Davies. “A lot of business owners and boards of directors are asking their insurance brokers about cyber coverage. The insurance broker has a critical role in explaining how to mitigate cyber risk.”
