A recent BlackBerry Cyber Insurance Coverage study shows that businesses are growing increasingly concerned about how they will meet ransomware demands.
Only 19% of those surveyed have ransomware coverage limits above $600K, while 59% hoped the government would cover damages when future attacks are linked to other nation-states.
Not only are there more ransomware threats than ever, but the criminals are more ruthless. They will iterate threats and wait patiently in order to extract maximum damage.
For uninsured and underinsured organizations, this potentially puts them in extreme jeopardy. The cyber underground is increasingly sharing learnings and partnering to make threats as efficient as possible.
It’s vital businesses strengthen their security posture against these threats by supplementing insurance with a prevention-first software approach that lowers their overall risk (see Ransomware Attacks & Cyber Insurance).
The study suggests that small-to-medium-sized businesses (SMBs) have become the major target of ransomware attacks.
Of businesses with under 1,500 employees, only 14% have a coverage limit in excess of $600K. A recent Forrester report estimated that a typical data breach would cost the average organization $2.4 million to investigate and recover.
50% of SMBs respondents hoped the government would increase financial aid in all ransomware incidents.
Many businesses have reported cybersecurity insurance coverages are poorly tailored to their current situation. 37% of respondents aren’t currently covered for any ransomware payment demands, while 43% aren’t covered for auxiliary costs, such as court fees or employee downtime.
Cyber insurance has become harder to get due to increased software requirements placed by insurance brokers. 34% of respondents have been denied coverage due to not meeting specific Endpoint Detection and Response (EDR) software requirements.
Though it might sound counterintuitive, continuing to adhere to software requirements is one of the best ways to fight the ransomware industry.
50% reduction in the ratio of ransom demands that end up being paid. Better software adoption is a critical element in better positioning organizations to stand up to attackers (see Largest Ransomware pay-outs).
Cybersecurity is perhaps one of the most important topics for the insurance sector today. Insurers and insurance producers must protect the highly sensitive consumer financial and health information collected as part of the underwriting and claims processes.
This personally identifiable information (PII) is entrusted to the industry by the public.
As per GlobalData‘s Cybersecurity in Insurance report, by 2025, the cybersecurity market size in the insurance sector will have reached $10.6 billion. Revenues are expected to grow at a CAGR of 10.7% between 2020 and 2025.
- Cybersecurity revenues in the insurance sector will grow from $6.4 billion in 2020 to $10.6 billion in 2025, according to GlobalData forecasts
- The sector’s rapid digital transformation will drive this growth. Cybersecurity software will grow the fastest at a compound annual growth rate (CAGR) of 14.6%, followed by hardware (10.7%) and services (5.5%)
- The rise in complex ransomware attacks, the persistence of hybrid working models, ongoing supply chain threats, and the Russia-Ukraine war have all accelerated the need for robust cybersecurity defenses across sectors
COVID-19 led to more customers accessing their accounts digitally and insurers selling through digital channels, increasing the sector’s cyber risk. In 2021, leading financial institutions AXA, Tokio Marine, CNA Financial, and Banco Pichincha were hit by cyberattacks.