13 Dec 2021

Are cyber insurance firms incentivising ransomware attacks?

Ransomware is one of the largest threats businesses are facing today. In the face of such threats, more businesses are turning to cyber security insurance to cover the crippling expenses an attack can bring. But is it fair to say that cyber insurance companies are incentivising ransomware attacks?

When attacked, if you’ve got all the necessary security solutions and talent in place to detect, contain, assess and remediate, you should be able to overcome a successful attack, even ransomware.

But nothing can ever be 100% guaranteed. And that is why cyber insurance, also known as cyber liability insurance, exists. In the event of a successful attack, most policies will cover first and third-party financial and reputational costs if systems and data have been damaged, lost or stolen.

However, industry researchers are growing more and more concerned that cyber insurance is making the situation worse. According to a global survey carried out by Sophos, businesses with cyber insurance are more than twice as likely to pay ransoms, in comparison to those without. Insurance could be unintentionally advancing criminal behaviour, funding operations and emboldening chancers – Microsoft recently led an investigation into cyber masterminds promoting and selling ready-made email phishing kits, along with hosting and even support.

It isn’t currently illegal for businesses to pay ransoms, although there are noises about new UK legislation banning them. Legal positions aren’t clear at the moment, but it is illegal under the Terrorism Act 2000 to pay a ransom if it may be used for the purposes of terrorism.

Cyber insurance does have a role to play in the protection of businesses: to encourage policy holders to improve their defences and remediation strategies as much as possible. Think about it: is your car insurance going to pay out if you leave all the doors open and the keys in the ignition? Having robust security defences in place can help identify threats in your security posture, and uncover any vulnerabilities that can be exploited by cyber criminals.

Prevention is key!

 

What extra measures your business can take to prevent threats

EDR

The most obvious way to protect your business from ransomware is to implement effective endpoint protection that continuously scans for known and unknown threats and works to remediate them before they become an issue. Our service Securyx is an enhanced endpoint security service which is designed to strengthen the protection, resilience and business continuity of businesses.

Vulnerability management

Although it’s common for cyber criminals to launch a ransomware attack through a successful phishing attempt, it doesn’t mean that they can’t find a security hole within your IT estate and use it to their advantage. Without regular vulnerability management, your business won’t be able to uncover weaknesses and remediate them before they’re exploited.

A comprehensive vulnerability management solution will proactively scrutinise your IT infrastructure for any vulnerabilities to determine their significance and criticality before proposing and executing the measures for remediation. Interesting fact: more vulnerabilities were disclosed in 2020 than in any other year to date. And 57% were classified as being ‘critical’ or ‘high’ severity, which was more than the total number of all vulnerabilities recorded in 2010. Scary, right? It’s time to give hidden vulnerabilities more importance and tackle them before it’s too late! Cyber criminals only need one vulnerability to exploit your business.

Security Awareness Training

If you want to work on preventing ransomware then your business needs to be proactive. And a part of that is realising that ransomware can be launched through a phishing email targeted at your employees. Implementing a comprehensive cybersecurity awareness training program will equip your employees with the knowledge they need to actively delete suspicious emails, refrain from opening malicious attachments and report any suspicious activities.

For more information on enhanced ransomware protection, contact our cyber security team.

By OryxAlign