On May 9, European insurance giant AXA announced it will no longer provide support for ransom payments made to hackers. While AXA appears to be the first insurer to deny ransom payments, the move could signal an impending shift in ransomware insurance coverage.
The AXA announcement comes as ransomware attacks prove an increasingly lucrative business model. For instance, victims paid an estimated $350 million in ransom payments in 2020, over 300 percent more than in 2019. In recent high-profile cases, Colonial Pipeline paid attackers $4.4 million, and CNA Financial Corporation paid a whopping $40 million.
Meanwhile, cyber criminals continue to attack organizations across critical sectors. While the FBI and other security experts warn against paying ransoms, companies face devastating losses and even interruptions to critical care. Cybersecurity best practices, combined with following recommended steps when an attack does occur, may provide the best protection.
Cyber insurance has become a hot topic as organizations scramble to protect themselves against losses resulting from cyber-attacks. In addition to ransom negotiations and payments, typical policies also cover legal costs, as well as costs for forensic analysis, data restoration and communications related to the breach.
However, even before the AXA announcement, many cyber insurance companies had begun to ask more from the companies they insure. For instance, some insurers require policy holders to complete certain basic security steps. Others have begun to charge a coinsurance or limit payment to a percentage of the loss incurred.
This evolution in cyber insurance reflects more than a move by insurers to manage their own risk. The FBI and other government agencies, as well as many cybersecurity experts, warn against paying ransoms. Researchers at cybersecurity provider Kaspersky explain that paying a ransom provides no guarantee that organizations will recover their data intact.
More importantly, paying the ransom encourages attackers to carry out more attacks. And some experts suggest that carrying cyber insurance actually makes organizations more attractive targets. Clearly, companies cannot depend on insurers to continue to shoulder the bulk of the cyber risk.
While cyber insurance still provides significant benefits, organizations must focus on cybersecurity best practices to defend against ransomware. Some of those best practices include:
Even the best cybersecurity measures cannot provide complete protection against ransomware. But an effective response can help to reduce the damage from a ransomware attack when it does occur.
At the first indication of a ransomware attack, isolate impacted systems to contain the incident. Then perform a root cause analysis and begin to eradicate the infection and rebuild systems, giving priority to critical areas. Ensure effective communication throughout the process. This will include both internal and external teams and law enforcement.
Carl Mazzanti, President and Co-founder of eMazzanti Technologies, a specialist in cybersecurity, will address the New York State Cyber Security Conference on the topic of Ransomware in the Cloud. His virtual presentation runs from 12:30 – 1:30 pm, June 8, 2021. Interested parties may register here.
Ransomware attacks continue at alarming rates because they are profitable for cyber-criminals. Every business of every size is a target, even in the cloud, but small businesses are least prepared. In his presentation, Mazzanti will discuss the essential facts about ransomware, including:
Ransomware attacks will continue, and organizations cannot depend on cyber insurance to provide adequate ransomware insurance coverage. Instead, the best protection also includes implementing cybersecurity best practices and building a solid incident response plan. The data security experts at eMazzanti help business leaders prepare for inevitable ransomware attacks.