The malicious nature of cyber criminals has prompted cyber insurance carriers to implement new guidelines for clients.
Barracuda’s analysis of ransomware events that occurred between August 2020 and July 2021 noted a 64% increase in attacks year over year. Forty-four per cent (44%) of the attacks over the last 12 months targeted US organizations with an average ransom ask per incident of over $10 million. Just 8% of attacks had a ransom ask of less than $10 million and 14% of attacks had an ask of more than $30 million.
“Ransomware has by far been driving the most losses in the cyber insurance industry,” Ross Ingersoll, the cyber practice leader at Holmes Murphy, told Insurance Business. “Insurance carriers have identified multi-factored authentication (MFA) as the leading indicator to prevent ransomware attacks.”
Ingersoll explained that there needs to be a recalibration of baseline underwriting controls, and MFA has been deemed a minimum guideline for an organization to be insurable when it comes to cyber.
“On top of MFA, employee training remains critical and should be at the top of every company’s priority list,” said Ingersoll. “Your employees, while they’re your biggest asset, they’re also your biggest liability.”
Employees are the frontline of security and privacy for an organization. Training on privacy or anti-phishing remains critically important for companies to stay resilient in the face of cyber threats, he said.
Ingersoll also emphasized the importance of keeping cyber security top of mind from the top of an organization down. Developing and periodically reviewing a breach response plan at the board of directors and C-suite level can help mitigate losses in the event of an attack.
Endpoint detection and response, an up-to-date incident response plan, and regularly segregated and tested backups are also important measures that should be constantly reviewed to ensure the safety of an organization.
Taking these steps has become increasingly important, particularly as cyber insurance starts to truly establish itself in the market.
“When you think of P&C there’s years of data that carriers can access to understand what drives losses,” said Ingersoll.
“Cyber is unique in the sense that carriers don’t have access to that much data,” he explained. “In the last 6-24 months carriers have really uncovered what’s driving losses and what can prevent losses from occurring.”