What you need to know.
With cyber-crime activities on the rise, every company is becoming a target. It does not matter how big or small you are, what industry you are in, whether you are “in-the-cloud” or not, or whether you think your business is boring to hackers. Assume every business is a target for cyber-attacks, including yours.
Much has been written about how to mitigate these cyber threats, including blogs of my own. But now the discussions are heating up regarding the liabilities and expenses incurred as consequences of these cyber-attacks.
Nowhere is this more evident today than when having discussions with cyber liability insurance brokers and underwriters.
Key factors impacting the cyber liability market.
The increases we’re seeing today in premiums, higher deductibles and more exclusions are a direct result of increased cyber-attacks and ransomware events, resulting in enormous claim payouts.
The cyber liability insurance market is driven by several factors impacting coverage availability and pricing. These include:
Ransomware frequency and severity. Ransomware is up 148% in 2021. Data theft during a ransomware attack is up 77%.
Average cost of ransomware incident. The cost to recover often exceeds the ransomware request.
Increased cyber incident rates. Year over year, there has been a significant increase not only in ransomware but also data breaches, account take-overs, extortion and more.
Business interruption loss is significant. Downtime from a ransomware attack averages 23 days of lost revenue, not including opportunity cost.
Raising the Bar.
Insurance underwriters are now requiring customers to implement additional cyber protection solutions and security policies. There are multiple addendums now that may prevent a claim from being paid out. This includes requirements for:
Multi-factor Authentication (MFA)
Endpoint Detection & Response (EDR)
Phishing Exercise/Cyber Awareness Training
Incident Response Plan
Active Directory/Service Accounts
Disaster Recovery/Backups
Do you really need cyber liability insurance?
The best way to determine this is to do a risk assessment that identifies potential losses that are not just financial, but also include compliance, penalties and fines, and loss of reputation. Your risk assessment should consider:
The maximum loss resulting from a cyberattack.
The most probable loss resulting from a cyberattack.
Contractual requirements with key customers that may require you to have cyber liability insurance as a condition of doing business.
Compliance and regulatory requirements that continue to require more cybersecurity protections.
How much you can afford, or even qualify to get.
Cyber liability premiums are determined by risks such as:
Demographics: Size, industry, sector, location, revenue etc.
Potential exposure: Type and volume of sensitive data stored/collected/processed.
Level of cybersecurity: The security defenses an organization uses.
History: Previous claims invariably result in higher premiums.
Policy terms: Coverage/liability limit etc.
Use this cyber index from Chubb to help with understanding these risks and associated costs that impact the cost of a policy.
Know what coverages you need.
Buying cyber insurance has become more expensive, more confusing, and comes with many more caveats than ever before. That’s why it’s key to understand the coverages, and your own business’s cybersecurity practices which factor into the underwriting of the policy.
Examples of cyber insurance coverages include, but are not limited to:
Business Interruption: Business interruption is one of the larger financial losses incurred from a ransomware event, with the average downtime being 23 days.
Cyber Extortion: Cyber extortion includes ransomware demands, email ransom campaigns and distributed denial of service (DDoS).
Customer and Employee Data Loss: Coverage areas include identity recovery, data compromise liability, and data compromise response expenses like fines and penalties.
Third-Party Lawsuits: If your network is negatively affected by a security incident and it impacts a third party, then your policy will cover potential lawsuits.
Payment Fraud: If you or your employees get deceived and end up transferring or diverting money to a fraudulent destination, then this covers funds lost in those scenarios.
These essential coverages will cover expenses related to:
Forensic analysis to identify the attack source.
Ransom demands and specialists to handle ransom negotiations.
Costs to regain access or restore your data from backups or other sources.
Public relations services.
Notification of clients and/or regulatory bodies.
Credit monitoring services for affected individuals.
Keeping costs down:
There is a direct relationship between cybersecurity and cyber insurance that directly impacts the premium, deductibles, and coverages for cyber liability insurance. Good cybersecurity and cyber-hygiene help in several ways.
Easier to qualify and get cyber insurance.
Reduces the likelihood of making a claim, which would result in higher premiums in the future.
Reduces the risks of non-payment in the event of a cyber claim.
Minimizes the impact and cost if an incident occurs.
* * * * *
The overall message of this blog is that cyber liability insurance is becoming increasingly expensive and more difficult to obtain. The best approach to mitigating these costs and protecting your business is to have a robust and effective cybersecurity posture.
RIATA can help you understand where you need to improve, and thereby reduce your risk. Contact us to learn more about our Cybersecurity Audit that is a checklist of common best practices aligned to the needs of cyber liability underwriters.
About the Author: Tommy Wald is CEO of RIATA Technologies, a full-service IT provider located in Austin, TX. He can be reached at TWald@RiataTechnologies.com.