Cyber experts are now considering “ransomware” the predominant cyber threat confronting businesses of all sizes. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. The number of ransomware attacks worldwide spiked by 170% between Q1 of 2019 and Q4 of 2020, and the severity of incidents has been increasing as well.
For US companies that decided to pay a ransom in the first quarter of 2021, the average payment was up more than 400% from FY2019. The average cost of ransomware remediation has also increased, rising to US$1.85 million this year from US$700,000 in 2020.
The availability of accessible and relatively low-cost ransomware kits, or ransomware-as-a-service (RaaS), combined with a new strategy that involves both data encryption and the publication of stolen data, known as double extortion, has caused the frequency and severity of ransomware attacks to skyrocket.
According to a recent report, titled Cyber Insurance: A Hard Reset, these factors have driven the largest medium-term rate hike across the entire insurance market as carriers scramble to get ahead of rising loss costs. Global cyber insurance pricing spiked by 32% on average between June 2020 and June 2021. That’s on the back of a 50% rise since data tracking began. Insurers are also limiting coverage availability and are only willing to deploy capacity if they are satisfied with an organization’s risk management framework, and cyber resilience efforts.
The COVID-19 pandemic has also amplified the risks associated with cyber and revealed pre-existing vulnerabilities. While businesses are investing in data and cloud security to deal with the changes brought about by the pandemic, such as the proliferation of remote work and accelerated digitalization, cyber criminals often seem to be one step ahead of them exploiting interest and concerns about the pandemic to entice users to click on malicious links or attachments. Delays in breach discovery due to fewer on-site staff has exacerbated the issue.
Cyber Risk Mitigation
Preparation is the best solution for any cyber incident. Superior mitigation and response measures can support shareholder value and minimize reputational risks in the event of a cyber-attack. Unprepared companies, however, usually suffer disproportionate impacts that can lead to regulatory intervention or litigation.
Planning and investment in cybersecurity and incident response is money well spent. This includes antivirus and ransomware protection, encryption software, passwords managers and two-factor authentication to protect against identity theft.
It’s important to remember that no organization is immune to the impact of cyber crime. As a result, cyber liability insurance has become an essential component of any risk management program.
Should a cyberattack occur, an in-place cyber insurance policy helps pay for, the often enormous, business restoration, customer lawsuit, and digital and financial identity costs.
Cyber Risk Exposure Score
To estimate the cyber risk your organization faces, complete this exposure calculator and learn your cyber risk score!
If you are uninsured for Cyber Risk, this is the year to purchase Cyber insurance and stay secure from a breach in your system or loss of information. Your VANTREO team brings the Cyber and Privacy expertise needed to help protect both your organization and its people. We’re here to help. If you’d like more info, just let us know. Reply here. We look forward to the conversation.