According to recent news, insurers have reportedly cut their cyber cover for companies by half because of the increasing number of attacks and mounting payouts. The premiums companies pay have also risen significantly: they have almost doubled in the US and increased by 73% in Britain, and the rates of some policies have increased by 300%.
Paying (way) higher premiums and getting (much) lower coverage probably doesn’t make sense for many. However, that is the current market. How can companies overcome this? Should they be shelling out more funds to cover themselves? Should they cancel the policy now since it no longer makes sense? Are there other solutions?
Insurers who issued US$5 million cyber liability policies last year have scaled back to limits of between US$1 million and US$3 million this year, according to a report last month by US broker Risk Placement Services (RPS).
If Insurance Policies Aren’t Viable, What Can Be Done?
Teong Eng Guan, Regional Director, Southeast Asia and Korea, Check Point Software Technologies, shares his thoughts on how to better protect oneself and reduce over-dependence on insurance policies.
With insurers reducing the amounts they will cover organizations in the event of a cyber attack, it has become more important for organizations to take a prevention approach when it comes to their cybersecurity strategy. Organizations should consider the following to protect themselves against ransomware:
- Raise your guard around weekends and holidays – Most ransomware attacks over the past year took place over weekends and holidays when people are less likely to be watching.
- Up-to-date patches – Keeping computers up-to-date and applying security patches, especially those labeled as critical, can help limit an organization’s vulnerability to ransomware attacks.
- Anti-Ransomware – Some ransomware operators use well-researched and highly targeted spear phishing emails as their attack vector. These emails may trick even the most diligent employee, resulting in ransomware gaining access to an organization’s internal systems. Protecting against such ransomware requires a specialized security solution. In order to achieve its objective, ransomware must perform certain anomalous actions, such as opening and encrypting large numbers of files. Anti-ransomware solutions monitor programs running on a computer for suspicious behaviors commonly exhibited by ransomware, and if these behaviors are detected, the program can take action to stop encryption before further damage can be done.
- Education – Training users on how to identify and avoid potential ransomware attacks is crucial. Many of the current cyber attacks start with a targeted email that does not even contain malware, but a socially engineered message that encourages the user to click on a malicious link. User education is often considered one of the most important defences an organization can deploy.
- Ransomware attacks do not start with ransomware – Ryuk and other ransomware purchase infection bases in targeted organizations. Security professionals should be aware of Trickbot, Emotet, Dridex and CobaltStrike infections within their networks and remove them using threat hunting solutions – as they open the door for Ryuk or other ransomware infections to infiltrate organizations.
Detecting attacks is no longer enough, with ransomware amounts seeing an upward trend, especially during the pandemic. By employing the methods suggested above, hopefully we can all be armed against these threats, and be mindful when we are in cyberspace for work or leisure.
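The behavioural check described in the Anti-Ransomware point above (a program opening and encrypting large numbers of files) can be sketched as follows. This is an added example, not code from the article or from any vendor's product. The event format, process names, thresholds and the use of byte entropy as a stand-in for "encrypted" are all assumptions made for illustration.

```python
import hashlib
import math
from collections import defaultdict, deque

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted or compressed content sits close to 8."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def detect_mass_encryption(events, window_ms=10_000, min_files=20, min_entropy=7.0):
    """Map each flagged process to the time (ms) it crossed the threshold:
    min_files distinct files written with high-entropy content inside window_ms."""
    recent = defaultdict(deque)   # process -> (timestamp, path) of high-entropy writes
    flagged = {}
    for ts, proc, path, data in sorted(events, key=lambda e: e[0]):
        if shannon_entropy(data) < min_entropy:
            continue              # plaintext-looking write, not counted
        q = recent[proc]
        q.append((ts, path))
        while ts - q[0][0] > window_ms:
            q.popleft()           # drop writes that fell out of the window
        if proc not in flagged and len({p for _, p in q}) >= min_files:
            flagged[proc] = ts    # a real agent would suspend the process here
    return flagged

def pseudo_random(seed: int, size: int = 2048) -> bytes:
    """Deterministic stand-in for ciphertext (constructed test data)."""
    return b"".join(hashlib.sha256(f"{seed}:{i}".encode()).digest() for i in range(size // 32))

def sample_events():
    """Constructed events: (timestamp_ms, process, path, bytes_written)."""
    text = b"Quarterly report draft, revision 3.\n" * 60
    events = []
    for i in range(30):
        # Many writes, but low entropy: ordinary document saves.
        events.append((i * 200, "editor.exe", f"C:/docs/note{i}.txt", text))
        # Many high-entropy rewrites in three seconds: the ransomware-like pattern.
        events.append((100_000 + i * 100, "invoice_viewer.exe", f"C:/docs/file{i}.docx", pseudo_random(i)))
    for i in range(5):
        # High entropy but only a few files: a compression tool, below the threshold.
        events.append((50_000 + i * 1000, "archiver.exe", f"C:/backup/part{i}.zip", pseudo_random(1000 + i)))
    return events

if __name__ == "__main__":
    for proc, ts in detect_mass_encryption(sample_events()).items():
        print(f"ALERT {proc}: mass high-entropy writes by t={ts} ms")
```

Only the process that combines volume, speed and high-entropy output is flagged. The editor (many writes, low entropy) and the archiver (high entropy, few files) stay below the threshold, which is why the file count and the entropy test are applied together.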