Nearly anyone can be a victim on the cyber battlefield, including celebrities. The personal data of Madonna, Bruce Springsteen, Lady Gaga, and Elton John was stolen from Grubman Shire Meiselas & Sacks (GSMS), and because GSMS refused to pay the ransom in full, much of the information ended up for sale on the internet. Even though the FBI got involved and GSMS hired private individuals to recover the data, only some of it was reclaimed.
The GSMS attack used what’s referred to as the double extortion method:
- First, the attackers stole data
- Then, they threatened to publish the data if GSMS didn’t pay the ransom within a specified time frame
A ransomware attacker can gain access to your system in a number of ways, including guessing an employee’s password, using malware to infiltrate your network, email spoofing, or spear phishing, which is explained in this video by Cisco.
While cyber insurance cannot prevent a ransomware attack, there’s a lot it can do if you find your systems hacked and your data held for ransom. But each attack—and insurance policy—is different.
Below, we’ll discuss how cyber insurance works, how it can be used to reduce the impact of ransomware settlements, what it covers, and the trends shaping the cyber insurance industry.
What Is Cyber Insurance and Who Needs It?
An organization can obtain cybersecurity insurance, also known as cyber liability insurance or cyber insurance, to help mitigate internet-related risks such as ransomware and other forms of cyberattack. The insurance contract transfers some of the risks to the insurer in return for a monthly or quarterly payment.
Cyber insurance benefits companies that produce, store, and handle electronic data online, such as credit card details, client contact information, and consumer purchases. It can help pay for the costs of reclaiming data in case it gets stolen. Cyber insurance is also an advantage for e-commerce companies because downtime resulting from a breach may result in lost clients and sales.
Can You Minimize Ransomware Settlement Exposure with Cyber Insurance?
Ransomware attacks are becoming more prevalent. And because no company is too big or small for malicious actors, it’s only a matter of time before an organization gets attacked—which is why many companies purchase cyber insurance in the first place. They don’t want to single-handedly shoulder the costs of an attack. Ransomware payments can be excessively costly, and some cyber insurance policies may cover the entire amount demanded by hackers.
But insurance companies are starting to tighten their requirements. With ransomware attacks consistently topping the list of threats and ransomware demands increasing, insurers now take steps to make sure businesses have basic cybersecurity protections in place before they grant or renew coverage. Absent these protections, they either deny coverage or charge higher premiums.
As experts from FortiGuard Labs observed in this video about ransomware and ransomware settlements, attackers are now more advanced and persistent, and they’re “more like nation-states.” And that’s because ransomware attacks provide a consistent stream of revenue for them.
What Does Cyber Insurance Cover?
In addition to costs and legal fees, cyber insurance often assists with:
- Restoring data from hacked systems and fixing broken computer systems
- Notifying customers of a data breach
- Protection against data compromise, which includes services from a public relations agency and providing credit monitoring for customers
- Identity recovery protection for victims of identity fraud
- Protection against harm caused by a virus or computer attack
When a data breach involves personally identifiable information (PII), most states require businesses to notify customers, and this can get costly. But because cyber insurance may cover this expense, a company can go the extra mile for customers that may have been impacted.
Cyber insurance may also cover the amount you send to an attacker as part of a ransomware settlement. In some cases, the insurance company may also help offset the costs of hiring a negotiator. In addition, cyber insurance may reimburse the money you spend to fix your systems. This may be the case if you’re hit with a wiperware attack, for example, which can destroy the data critical to your digital infrastructure.
What Cyber Insurance Can Do After an Attack
To illustrate the impact cyber insurance can have after an attack, consider the following example:
Suppose you’re the chief information security officer (CISO) at a large retailer, and your company gets hit with ransomware. The attacker demands that you pay $25 million in exchange for getting your systems back online. The following systems have been taken over by the attacker, and they’re currently useless:
- Your website
- Your e-commerce systems
- Computers belonging to the accounting department
- Your billing system
- The digital infrastructure that handles product sourcing
Your company is losing thousands of dollars every minute, but after reaching out to the FBI, you’re advised not to pay the ransom. Desperate, you decide to hire a negotiator. They spend hours going back and forth with the attackers, adding to the expense of the attack.
Because you take too long to pay up, the attackers use wiperware to destroy the data on your email server, which also handles your e-commerce solution.
Eventually, the negotiator reaches a settlement with the attackers, and they agree to accept $5 million. You’re given control of the surviving computer systems again. But you soon learn that customer data has been stolen and is being sold on the dark web.
In this case, here’s what cyber insurance could cover:
- The $5 million you paid to the attackers
- The negotiator’s fees
- The cost of restoring your web assets, including your e-commerce tools
- Expenses associated with reaching out to customers to inform them of the breach and what you’re doing about it
- Legal costs you incur because customers are suing you for compromising their information
- The costs of free credit reports you will now provide for three years to customers whose data had been stolen, just in case the hackers—or those they sell the information to—use customers’ information to make illegal purchases
While it would be rare for companies who’ve gone through an actual attack to reveal in detail how cyber insurance helped with their expenses, the above example is certainly feasible. Naturally, the benefits to cybercriminals are significant, and this has given rise to some interesting developments that directly impact the cyber insurance industry.
Trends in Cyber Insurance
Cyber risks are intricate and constantly changing. Attacks are becoming more frequent, with costs reaching millions of dollars. High-profile incidents like the Colonial Pipeline attack have been dissected and discussed far and wide, resulting in shifts in the cybersecurity insurance industry. Below is a list of some of the trends that are defining—and will continue to define—the cyber insurance space.
- As incidents gain wide media coverage, they become more frequent and serious
- More severe fines for data breaches can be anticipated in the future as data protection legislation begins to take shape around the world
- Intellectual property theft, business interruption, and cyber extortion will continue
- Vulnerable critical infrastructures pose a serious concern
- Cybersecurity isn’t foolproof
Can Cyber Insurance Save the Day?
Even though cyber insurance may absorb much of the impact of a ransomware attack, it won’t cover other losses—for example, customers choosing to stop doing business with your company or potential business partners suddenly backing out of deals.
So while cyber insurance will greatly help with costs, you still need to bolster your cybersecurity defenses, such as updating your security solutions, properly configuring your firewalls, performing frequent backups, and conducting regular employee education. Doing so reduces your chances of exposure to an attack—which, in turn, reduces the likelihood of your company paying hefty ransomware settlement amounts.