Navigating a changing cyber security landscape

Ransomware has warped the cybersecurity landscape. A report from Telus found that 44% of Canadian organizations have paid a ransom to free their malware-affected systems. And as more companies choose to bite the bullet and pay off ransoms, the more emboldened hacker groups have come to target organizations they believe will submit to their demands.

But just like any risk, ransomware can affect the pricing of an organization’s cyber insurance – and businesses need to make this important consideration when purchasing coverage.

A new guide by Insurance Business’s Mark Rosanes takes a look at the five factors that affect cyber insurance costs. While the guide briefly touches upon ransomware, it also lists tips on how organizations can lower their vulnerability to such malware, and at the same time control their cyber insurance costs.

Read Insurance Business’s cyber insurance cost guide here

On top of what this guide prescribes, here are some important additional considerations for Canadian businesses when purchasing cyber insurance, in the context of ransomware:

• A report by the cyber insurer Coalition found that ransomware groups will target any organization, regardless of size. It noted that in 2021, there was an increase in ransomware attacks specifically for accounts below $25 million in revenue. All businesses both large and small need to have a cybersecurity plan in place against ransomware risk if they hope to control their insurance costs.
   
• Businesses in the manufacturing industry have become a popular target for ransomware in recent times, and it could be a big factor in their insurance costs. IBM’s Security X-Force Threat Intelligence Index revealed that in 2021, the manufacturing sector suffered the greatest number of cyberattacks. Another report by Dragos found that ransomware was the top cyberattack vector in the industrial sector, targeting their industrial control systems (ICS) and operational technology (OT) networks.
   
• Having system backups on top of cybersecurity measures could help further lower insurance costs. The aforementioned Telus report on ransomware found that 42% of organizations who paid the ransom said they got full access to their data back, 49% said they only got partial access back, and the remaining 7% said their access was never restored. The report also alarmingly found that 15% of respondents whose organizations were hit by ransomware said that they were re-infected by the same malware after recovery.

Read Insurance Business’ cyber insurance cost guide here