CYBER INSURANCE | 2 MIN READ
It seems there is a rise in hacking threats for 2021, and the stats prove it. Right now, cybercrime is up 300% since 2020 and - at the time of this article - contributed to over $300 million in damages for businesses. It's looking like a record setting year, but with more prolific attacks making headlines, what is the truth behind how it is affecting small and medium sized businesses. And why are hackers targeting companies with cyber insurance?
Don't have a lot of time? Jump to what you need:
What Companies with Cyber Insurance or Enticing Hackers
You may have guessed already, but much like health or homeowner's insurance, cyber insurance serves as a financial safety net for companies in the event of a cyberattack. For instance, if a business falls victim to a ransomware attack (where the hacker encrypts sensitive data or threatens to expose it), cyber insurance allows a business to pay the ransom, retrieve their hijacked data, and potentially save-face with their clients.
But therein lies the problem.
RELATED: 6 Questions to Ask Before Buying Cyber Insurance
RELATED: Ransomware Attacks 2021
If your house is burglarized and you have damages to claim, your home owner's insurance is there to help you recover the financial loss. Few people have tens of thousands of dollars sitting in their bank account to replace items stolen (nor do they want to use their savings to cover the cost of replacing it).
But imagine if the burglar took your most prized possession and said, I'll give it back to you if you give me $100,000.
This is a ransom, and this is exactly what happens to businesses attacked by hackers. Companies with cyber insurance are most likely to be targeted because hackers know they are the most likely to pay.
But what about insurance providers? Are they likely to keep dishing out money just because their client's have a policy with them?
Yes and no.
Cyber insurance providers aren't taking these attacks lightly. Businesses that are attacked are seeing premiums rise and in come cases, requests for payment denied by insurance providers.
How can they deny your claim if you paid for insurance?
The answer is the same way a home insurance provider can deny a claim. With home insurance, if your possessions are stolen but there isn't any sign of forced entry (meaning they entered through an unlocked door or window), the insurance company could deny your claim.
Dealing with a ransomware attack is becoming increasingly similar. If you are not protected with in-house IT support or with a managed IT services provider, it may be difficult to find an insurance provider who will cover you, or, if you already have coverage, they may deny a claim if you aren't leveraging basic network security protections.
It's important to note that there isn't a clear and easy way for a hacker to discover if you have cyber insurance. The only way that would be possible is if your insurance company was breached and they were able to discover your cyber insurance provider's clients.
That being said, hackers love a company willing to shell out a payday, and businesses with cyber insurance are more likely to pay a ransom to get their data back. After all, that's what insurance is for, right?
What many never think about is that hackers are very eager to give you your data back (in most cases) because it means they just made money. That doesn't mean, however, that they're going to remove the ransomware from your network.
Guess what will happen the next time they need to pay a bill (or have an eye for something lavish)?
That's right. If you haven't found the ransomware on your network, they simply reactivate it and ask for payment again. It's a never ending cycle and the only other option is to allow the files to remain encrypted, destroyed, or sold on the dark web.
Having a back-up continuity and disaster recovery plan is important for this very reason, but that's another topic altogether.
RELATED: What is a BCDR Plan?
It seems crazy to not protect your business from the eventuality of a ransomware attack, but it may seem equally crazy to purchase cyber insurance if you feel like it will make you a bigger target.
It's a best practice to do everything. Get cyber insurance, but make sure you are reviewing your policy and protecting yourself. Managed IT services for added cyber security measures is not only smart, but quickly becoming a necessity for many businesses who do not have the means to bring on an in-house team of IT professionals.
There are over 4,000 businesses attacked every single day, and the vast majority of them are not large companies that make headlines. With cybercrime serving as an increasingly lucrative career, it isn't a matter of if a cybercriminal will target your business...
...but when.
RELATED: Cyber Insurance: Do You Need It?
Have more questions? Reach out to us and we will answer them, or drop a comment below!