Cyber Insurance: Is Ransomware Driving Up Costs?
- Published: Wednesday, Aug. 19, 2020
Most organizations have varying types of insurance policies to protect them in case something goes wrong. Cyber Insurance is designed to protect an organization from an incident that occurs related to IT. Specifically, cyber insurance will provide provisions to protect and recover from digital threats and activities.
Most policies will include coverage in the case of recovering data, loss of computer systems, ransom demands, breach notifications and possibly also cover lawsuit protection and compensation to customers affected.
Cyber insurance can be very costly, depending on deductibles and how many options you apply to your policy. Make sure to understand the coverage you are getting.
In the case of ransomware many policies are recommending paying the ransom in order to recover quickly and with less time and costs than the recovery process would entail.
When an organization experiences a ransomware attack the insurance company will want to bring in a forensics team to discover what data was compromised. Many times the insurance company will also need to negotiate with the hacker. If the ransom is paid and the hacker does not release the key to unlock the systems then there is the added costs of recovery.
Remember, cyber insurance will not protect you from experiencing a cyber attack. It will help to protect you from liabilities that occur as a result of the attack. Preparing for cyber attacks by fortifying your network can result in lower insurance rates.
- Make sure you have offsite/offline backups of your system.
- Use segmentation to minimize the attack surface.
- Configure firewalls, anti-virus and anti-spam.
- Educate your users of phishing and the signs of compromise.
- Implement and test an incident response plan.